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Windows  safety 

among  those  safeguarding  Microsoft  networks.  PAGE  8. 


Security  templates  winning  converts 


Secure  passage  It's  taken  a  while  but  users  are 

starting  to  exploit  advanced  LAN  switch  security  features.  PAGE  20. 
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■  A  CLOSER  LOOK:  TELEPHONY  CONVERGENCE 


IP  PBXs 
stealing 
Centrex's 
thunder 

■  BY  PHIL  HOCHMUTH 

BOSTON  —  Reduced  tele¬ 
com  costs,  easier  network  ad¬ 
ministration  and  the  promise 
of  less  expensive,  more  respon¬ 
sive  disaster-recovery  opera¬ 
tions  convinced  Fidelity  Invest¬ 
ments  it  could  wean  itself 
from  traditional  Centrex  ser¬ 
vices  and  move  to  IP  PBXs. 

The  financial  services  giant 
is  one  of  the  larger  Centrex 
users  in  the  country  with  more 
than  1 1,000  phone  lines,  but  it 
has  begun  a  large-scale  voice- 
over-IP  (VoIP)  implementation 
and  now  uses  approximately 
See  Centrex,  page  53 


IP  up,  Centrex  down 

As  IP  PBX  and  hosted  VoIP 
usage  grows,  traditional 
Centrex  services  are 
expected  to  suffer. 


2001  2008 


Centrex  lines  sold 
IP  Centrex/hosted 
VoIP  lines  sold 
IP  PBX  port  shipments 

SOURCES-  FROST  &  SULLIVAN. TEQ  CONSULTING 


It's  showtime  for  Wi-Fi 

■  BY  DENISE  PAPPALARDO, 

JOHN  COX  AND  MIKE  MARTIN 

If  Intel  and  others  have  their 
way,  wireless  LANs  soon  will 
become  as  much  a  feature  of  the 
U.S.  landscape  as  gas  pumps  and 
automated  teller  machines. 

Intel’s  formidable  marketing 
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machine  was  running  at  full  tilt 
last  week  as  the  company  — 
backed  by  partners  as  varied  as 
Toshiba  and  McDonald’s  — 
launched  mobile  chip  technol¬ 
ogy  called  Centrino,  which  in¬ 
dustry  watchers  say  could  help 
drive  wider  use  of  Wi-Fi  (802. 1 1  b) 
See  CTIA,  page  12 


Groups  spar  over 
Web  standards 


■  BY  JOHN  FONTANA 

In  their  haste  to  assume  a  lead¬ 
ership  role  in  Web  services  stan¬ 
dards,  IBM  and  Microsoft  are  said 
to  be  stepping  on  toes  by  foster¬ 
ing  proposals  that  compete  with 
those  of  other  groups.  The  moves 
have  raised  the  possibility  of  such 
standards  becoming  fragmented, 
as  well  as  questions  about  intel¬ 
lectual  property  rights,  both  of 
which  critics  fear  could  ultimately 
hurt  adoption. 

The  issue  was  highlighted  last 
week  when  IBM  and  Microsoft, 
along  with  BEA  Systems  and 


Tibco,  unveiled  two  specifications 
for  reliable  messaging  standards. 
The  announcement  came  just 
two  weeks  after  all  four  compa¬ 
nies  refused  invitations  to  join  the 
newly  chartered  Web  Services  Re¬ 
liable  Messaging  (WS-RM)  tech¬ 
nical  committee  at  the  Organ¬ 
ization  for  the  Advancement  of 
Structured  Information  Standards 
(OASIS),  which  is  developing  a 
nearly  identical  specification  to 
the  IBM/Microsoft  group. 

It’s  the  second  major  area  in 
which  IBM  and  Microsoft  have 
joined  to  introduce  a  protocol  to 
compete  with  existing  proposals 


before  established  standards 
bodies.The  other  area  is  business 
process  workflow,  for  which  the 
two  have  proposed  the  Business 
Process  Execution  Language  for 
Web  Services  (BPEL4WS),  which 
competes  with  efforts  under  way 
at  the  World  Wide  Web  Consor¬ 
tium,  OASIS  and  BPMI.org. 

Over  the  past  year,  the  IBM/ 
Microsoft  tandem  has  become 
the  leading  force  in  developing 
standards  protocols  that  fill 
major  holes  in  Web  services 
technology,  including  reliability, 
security  and  business  process 
See  Standards,  page  14 


Follow  the  IT  staffers  at  Aquent, 
a  Boston  consultancy,  as  they  .. 
transfer  their  e-mail  servers .. 
to  a  new  collocation  facility.  %, 

Page  38.  W 

Follow  the  next  two  phases  of  the  move 
in  a  Weblog  by  GT0  Larry  Bolick  (inset). 

www.nwfusion.com,  DocFinder:  5983 


I AMA 
SOYBEAN. 

i  CAN  BUILD  YOUR  NEXT  HOUSE.  I  CAN  BE  MIXED  WITH  RECYCLED 
NEWSPRINTTO  CREATE  AN  ECO-FRIENDLY  CONSTRUCTION  MATERIAL. 
I  HAVE  THE  POWER  TO  BE  STRONG.  I  HAVE  THE  PHYSICAL  PROPERTIES 
OF  WOOD.  I  HAVE  THE  POWER  TO  MAKE  A  LOVELY  COFFEE  TABLE.  I  AM 
MORE  THAN  A  SOYBEAN. 


I  AM  A 
NETWORK. 

I  CAN  BUILD  INDUSTRIES  FROM  A  BEAN.  I  CAN  GIVE  REAL-TIME 
INVENTORY  UPDATES  TO  RETAILERS,  MANUFACTURERS  AND 
FARMERS  SO  NO  BEAN  IS  WASTED.  I  CAN  GUARD  SOY  SECRETS  FROM 
ECO-FRIENDLY  YET  RUTHLESS  COMPETITORS.  I  CAN  USE  THE  POWER 
OF  CONVERGED  DATA,  VOICE  AND  VIDEO  TO  TEACH  A  GLOBAL  SALES 
FORCE  ABOUT  THIS  VERSATILE  LEGUME.  I  AM  MORE  THAN  A  NETWORK. 


THIS  IS  THE  POWER  OF  THE  NETWORK.  nOW. 
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Just  because  you  can  doesn't;  mean  you  should 
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iPass  weaves  together  leading  networks  around  the  world,  so  you  can  connect  where  and  when  you  want. 

The  iPass  Corporate  Access’"  service  gives  you  wireless,  broadband  and  dial-up  access  from  over  200 
enterprise-ready  providers — delivered  with  secure  authentication,  centralized  billing  and  management,  and  a 
reliable,  consistent  connection  experience.  Try  to  restrain  yourself.  Learn  how  to  integrate  Wi-Fi  simply, 
safely  and  affordably.  View  the  “Add  Wireless  to  Your  World”  demo  at  www.ipass.com/wireless2. 
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Diary  of  a  data  center  move: 

Aquent's  tech  team  started  at  7:30  on  a  Saturday 
morning  and  didn't  wrap  up  until  4  a.m,  Sunday. 
Follow  their  long,  but  successful,  day.  Pagf  ' 
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Moving  blog:  Follow  the  next  two  phases 
of  the  data  center  move  in  CTO  Larry  Bolick's 

blog  DocFinder:  4745. 


Security  squabble:  An  alert  reader  points 

out  a  security  flaw  in  Oracle  software,  raising  the  issue  of 
the  effectiveness  of  security  bulletins.  Page  41. 


CTO  Larry  Bolick 
began  planning  last 
month. 
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Interactive 

Audio  primer:  Digital  rights  management 

Find  out  what  10  things  you  need  to  know  before  implementing  digital 
rights  management  in  your  enterprise.  DocFinder:  4741 

Forum:  Why  aren't  you  migrating  to  Linux? 

"Backspin"  columnist  Mark  Gibbs  posted  the  question  in  a  recent  col¬ 
umn  and  readers  are  firing  back  answers.  One  response:  It  doesn't 
work.  DocFinder:  4734 

Forum:  Wireless  point  of  failure 

Our  recent  article  on  wireless  switching  prompts  one  reader  to  wonder 
whether  vendors  are  creating  systems  that  could  fail  too  easily. 

DocFinder:  4735 

Seminars  and  Events 

Get  the  latest  on  wireless  technology 

Wireless  LAN  technology  is  one  of  the  hottest  IT  topics  today.  Join  Tom 
Henderson  for  Network  World's  Technology  Tour,  "Wireless  LANs:  Building 
and  Managing  a  Well-Integrated  802.11  Network,"  and  learn  how  you  can 
seamlessly  meld  wireless  technology  into  your  company  today. 

DocFinder:  4344 
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Columnists 

Compendium 

Beta  problems 

Fusion  Executive  Editor  Adam  Gaffin  points  to  a  good 
description  by  a  Microsoft  engineer  on  what  happens  when 
they  run  into  a  problem  with  beta  software. 

DocFinder:  4737 

Telework  Beat 

Telework  for  dummies 

Net.Worker  Managing  Editor  Toni  Kistner  wonders  whether 
telework  training  is  a  solution  in  search  of  a  problem. 

DocFinder:  4738 

Small  Business  Tech 

Two  ways  to  back  up  files  offsite 

James  Gaskin  offers  suggestions  on  ways  to  protect  your 

data  by  keeping  it  at  a  third-party  location.  DocFinder 

4739 

Digital  Domicile 

Gaming  drives  home  networks 

Mike  Wolf  on  whether  SOHO  network  vendors  should  target 

the  growing  gaming  market  more  aggressively. 

DocFinder:  4740 


What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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Microsoft  adjusts  per-processor  pricing 


■  Microsoft  last  week  altered  its  per-processor  pricing  policy 
in  an  effort  to  align  itself  with  the  way  competitors  such  as 
Oracle  price  software.  Microsoft  has  been  criticized  for 
requiring  customers  to  purchase  licenses  to  correspond  to 
the  number  of  processors  on  a  machine,  whether  or  not 
those  processors  are  used  to  run  Microsoft’s  server  software. 
For  example,  a  copy  of  SQL  Server  running  on  a  single 
processor  on  a  16-way  server  would  require  16  licenses. 
Under  the  new  licensing,  users  will  need  to  buy  licenses 
based  only  on  the  number  of  processors  used. 

“Microsoft  wants  to  be  competitive,  and  it  needs  to  rebuild 
and  repair  customer  trust  in  the  wake  of  their  Licensing  6.0 
program,” says  Alvin  Park,  an  analyst  with  Gartner.  Licensing 
6.0,  begun  last  year,  meant  higher  licensing  fees  for  many 
customers.  The  servers  that  fall  under  the  new  pricing  are 
Application  Center,  BizTalk,  Microsoft  Operations  Manager, 
Host  Integration  Server,  Content  Management  Server, 
Commerce  Server,  Internet  Security  and  Acceleration 
Server,  and  SQL  Server. 


Flaw  found  in  PeopleSoft  Java  servlet 

■  Internet  Security  Systems  is  warning  of  a  potential  security  compromise  in 
the  Web  server  component  in  certain  versions  of  PfeopleSoft  8.  A  Java  servlet 
used  in  the  PeopleSoft  Tools  reporting  function,  which  is  part  of  the  standard  PeopleSoft 
configuration,  could  be  exploited  by  a  malicious  user  to  run  arbitrary  code  on  the 
affected  server.  ISS  believes  this  could  lead  to  a  complete  server  compromise.  A  patch 
is  available  to  PeopleSoft  customers  via  the  company’s  support  Web  site.  For  more  infor¬ 
mation,  read  the  ISS  advisory  at  www.nwfusion.com,  DocFinder:  4748. 


IETF  group  to  tackle  procedural  issues 

■  The  Internet  Engineering  Task  Force  will  meet  in  San  Francisco  this  week  to  discuss, 
among  other  things,  problems  within  its  internal  structure  that  might  be  throwing  hur¬ 
dles  in  the  way  of  protocol  work.  At  its  last  meeting  in  November,  the  IETF  formed  a 
working  group,  dubbed  Problem,  after  hearing  concerns  from  members  that  the  stan- 
dards-setting  body  was  moving  too  slowly  and  was  not  adequately  responding  to  real- 
world  issues.  As  a  result, a  mailing  list  was  initiated  for  members  to  share  concerns  about 
IETF  processes,  and  in  February  a  draft  statement  outlining  those  concerns  was  sub¬ 
mitted  (see  DocFinder:  4749). 


How  to  settle  telecom  disputes 

CNN  reported  last  week  that  the  CEOs  of  two  New  Zealand  telecom  companies  settled 
a  disagreement  over  wireless  access  by  arm  wrestling.  The  winner  said  that  in  the 
future  he'd  try  negotiating  more,  because  arm  wrestling  “is  not  that  easy." 

Read  more  at  ieww.ruvfusion.com,  DocFinder:  4733. 


The  Good 


Golden  access.  Who  says  there  isn't 
enough  competition  in  the  'Net  access  market? 
McDonald's  this  week  plans  to  begin  offering  a  free 
hour  of  Wi-Fi  (802.11b)  Internet  access  to  buyers 
of  its  combo  meals  at  10  restaurants  in  Manhattan 
and  extend  the  program  to  300  restaurants  in  New 
York,  Illinois  and  California  by  year-end.  It's  only  a 
matter  of  time  until  other  telecom  wannabes  such 
as  Burger  King  and  Wendy’s  weigh  in.  > 


Troubleshooter,  a  man  was  jailed  earlier  this  month  for  shooting  his  laptop 
computer  four  times  in  a  Lafayette,  Colo.,  bar,  apparently  sick  of  the  device  crashing. 
After  shooting  the  Dell  machine,  the  man  hung  it  on  the  wall  as  trophy.  No  word  on 
whether  the  bullets  got  the  PC  working  again. 


Network  nightmares.  The  Yankee  Group  recently  surveyed  companies 
to  find  out  what  IT  issues  most  often  keep  them  up  at  night.  At  the  top  of  the  list: 
containing  network  costs.  Other  sleep-deprivers:  removing  legacy  technologies,  supporting 
mobile/wireless  connections  and  staff  shortages/costs. 


Survey  shows  continued  growth  for  DSL 

■  DSL  growth  picked  up  steam  in  the  second  half  of  last  year, according  to  an  analysis  by 
research  firm  Point  Topic.  Providers  worldwide  added  10.3  million  DSL  connections  in  the 
second  half  of  2002,  compared  with  only  6.9  million  new  lines  in  the  first  half  of  the  year, 
bringing  the  total  number  of  DSL  connections  to  35.9  million.  North  American  providers 
added  1.2  million  lines  in  the  second  half  of  2002, compared  with  888,000  lines  in  the  first 
half  of  the  year. 

SAP  founder  stepping  down 

■  SAP  announced  last  week  that  company  founder  Hasso  Plattner  will  step  down  as  co- 
CEO.Henning  Kagermann.who  has  been  sharing  the  CEO  title  with  Plattner  since  1998,  will 
assume  the  sole  CEO  role.  Plattner  founded  the  business  software  maker  in  1972  with  four 
colleagues  from  IBM.  He  is  the  last  of  the  five  founders  to  relinquish  active  control  of  oper¬ 
ations  at  the  German  company,  which  today  is  Europe’s  largest  software  maker. The  com¬ 
pany  said  Plattner’s  retirement  is  effective  May  9,  when  he  will  join  the  company’s  16-mem¬ 
ber  supervisory  board,  which  advises  and  supervises  the  company’s  executive  leadership. 

WorldCom  writes  off  almost  $80  billion 

■  WorldCom  last  week  announced  it  has  written  off  $79.8  billion  in  goodwill  and  other 
assets  as  the  telecom  company  struggles  to  recover  from  the  largest  bankruptcy  in  U.S. 
history.  Goodwill  is  a  dollar  amount  placed  on  intangible  factors  such  as  the  value  of  a 
company’s  reputation  and  anticipated  future  earnings,  in  excess  of  asset  value. Generally 
accepted  accounting  principles  call  for  goodwill  to  be  written  off  over  time,  but  usually 
on  a  more  gradual  schedule. 
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Because  "ON"  is  the  only  option 


Availability  in  your  network  is  more  critical  than  ever, 
because  it's  not  if,  but  when  all  communication  such  as 
voice,  data,  and  video  will  digitally  converge  over  IP 
and  Ethernet. 

That  means  your  enterprise  network  must  be  carrier  class, 
with  self-healing  components  capable  of 
continuous  operation. 

That  also  means  you  need  to  eliminate  all 
backdoor  passwords,  and  administration 
rights  must  be  restricted  based  on  the  skill  set  of 
the  administrator. 
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Alcatel's  new  OmniSwitch  redefines  availability  for  the 
enterprise,  with  carrier-class  technology  that  delivers  next- 
generation  capabilities  right  now,  without  a  cost  premium. 

Alcatel  has  a  history  of  innovation  and 
proven  leadership,  and  has  been  building 
carrier  networks  around  the  world  for  over 
half  a  century. 

Carrier  class  is  a  distinction  you  have  to 
earn.  We've  earned  it  and  now  bring  it  to 
the  enterprise  with  the  next  generation 
OmniSwitch  family. 


Alcatel  builds 

carrier-class  networks 
for  the  enterprise 


www.alcatel.com/enterp 

(800)  995-2612 
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Security  templates  gaining  favor 


EDITORIAL  DIRECTOR:  JOHN  GALLANT 
EDITOR  IN  CHIEF:  JOHN  DIX 


a  BY  ELLEN  MESSMER 

ORLANDO  —  Security  professionals  at  last 
week's  InfoSec  conference  gathered  to  swap 
ideas  on  tools  and  practices  that  make  their 
jobs  easier.  Among  the  most  popular  advice 
was  to  try  Microsoft’s  security  templates. 

The  templates  are  text-based  .inf  files  that 
can  be  applied  to  Windows  2000  and  XP  desk¬ 
tops  and  servers  via  the  Microsoft  Manage¬ 
ment  Console  or  Active  Directory  to  enforce 
password  requirements,  access-control  lists, 
file  permissions  and  more.  A  network  admin¬ 
istrator  can  blast  out  template-based  security 
settings  to  target  hosts  with  a  touch  of  a  button 
rather  than  visiting  each  machine. 

“We’re  doing  a  major  rollout  of  XP  and  we’ll 
use  the  security  templates  to  enforce  policy?’ 
said  Kerry  Anderson,  information  security 
officer  for  Fidelity  Investments  in  Boston, dur¬ 
ing  a  presentation  she  gave  on  the  dangers  of 
Web  mobile  code. 

Some  Web  plug-ins  for  online  games  have 
been  discovered  to  contain  Trojan  horses,  so 
they’re  now  off-limits  to  all  Fidelity  employees, 
Anderson  said.  Using  Microsoft  security  tem¬ 
plates,  Fidelity  easily  can  lock  down  every 


user’s  desktop  to  keep  prohibited  applications 
from  running. 

Security  templates  have  the  federal  govern¬ 
ment’s  eye  as  well.  Working  with  the  National 
Security  Agency  and  the  National  Institute  of 
Standards  and  Technology,  Microsoft  just 
issued  a  set  of  security  templates  intended  for 
the  government  under  its  Common  Criteria 
guidelines.These  templates  are  designed  to 
make  it  easier  to  apply  restrictions  for  sensitive 
data  and  groups. 

But  according  to  PricewaterhouseCoopers 
consultant  Mark  Lobel,  who  led  an  educa¬ 
tional  session  at  InfoSec  on  how  to  use 
Microsoft  security  templates,  most  compa¬ 
nies  probably  are  not  taking  advantage  of 
them  yet.  While  the  technology  simplifies  the 
pushing  out  of  rules  to  desktops  and  servers, 
a  lot  of  upfront  planning  on  corporate  secu¬ 
rity  policy  needs  to  be  done  first,  he  said. 

“You  need  to  understand  the  business  pur¬ 
pose  of  your  server,”  Lobel  said.  “To  lock  it 
down, you  lock  it  down  for  a  business  use.” 

Security  templates  can  be  customized  and 
used  for  purposes  such  as  auditing  comput¬ 
ers.  Microsoft  lacks  a  log-collection  tool  for 
this,  but  tools  from  IBM  Tivoli  and  others  can 


be  used. 

Gary  Bahadur,  CIO  for  security  company 
Foundstone  of  Mission  Viejo,  Calif.,  spoke 
about  his  company’s  experience  using  Micro¬ 
soft’s  group  policy  security  templates,  which 
allow  for  role-based  administration. 

“If  you  want  to  configure  a  human  resources 
template,  for  instance,  you  can,”  he  said. “You 
can  push  these  out  to  a  group  of  users  or  a 
group  of  servers,  all  with  one  template.” 

Bahadur  said  the  software  restriction  policy 
which  is  new  to  XP  and  Windows  2003  (now 
in  beta),  is  the  “most  powerful  means  yet”  that 
Microsoft  has  created  for  controlling  software 
use.  In  addition,  it  lets  companies  define  re¬ 
strictions  for  802.1  l-based  wireless  network 
use  in  Win  2003. 

One  of  the  toughest  challenges  is  convinc¬ 
ing  employees  that  their  computer  use  should 
be  restricted,  Bahadur  added.“We’ve  had  trou¬ 
ble  trying  to  enforce  this  with  power  users  not 
accustomed  to  restrictions,”  he  said.B 

Security 

Subscribe  to  our  free  newsletter. 
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EMC,  Dell  push  disk-based  storage  arrays 


r  \ 

Storage  speed 

Performance  data  of  key  ATA,  tape  and  SCSI  devices 
according  to  the  Enterprise  Storage  Group. 


Cost/G-byte  Native  data  rate  1 

ATA 

$1.44 

100M  byte/sec 

Serial  ATA 

N/A 

150M  byte/sec 

Serial  ATA  2 

N/A 

300M  byte/sec 

SCSI 

$5.42 

320M  byte/sec 

Digital  Linear  Tape  320 

$0.88 

16M  byte/sec 

Linear  Tape  Open  Generation  1 

$0.99 

15M  byte/sec 

Linear  Tape  Open  Generation  2 

$0.58 

30M  byte/sec 

v _ 


■  BY  DENI  CONNOR  AND 
ASHLEE  VANCE 

Network  managers  using  cum¬ 
bersome,  slow-to-retrieve  tape- 
based  storage  to  protect  their 
data  now  will  be  able  to  back  up, 
archive  and  restore  it  faster  with 
inexpensive  disk-based  storage 
arrays  that  EMC  and  Dell  jointly 
announced  last  week. 

EMC  has  opted  to  put  low-cost 
Advanced  Technology  Attach¬ 
ment  (ATA)  drives  into  its 
Clariion  storage  systems  as  an 
option  alongside  current  Fibre 
Channel  drives.The  new  ATA  dri¬ 
ves  could  attract  users  who  want 
to  substitute  disk-based  storage 
system  for  tasks  that  slower  tape 
drives  handle.  EMC  and  Dell  will 
make  the  drives  available  in  the 
Clariion  CX400  and  CX600  mid¬ 
range  storage  arrays. 

EMC  has  long  promoted  the 
use  of  disk-based  storage  to  help 
keep  data  readily  available  and 
increase  back-up  and  restore 
speeds.  Many  companies,  how¬ 
ever,  still  use  tape  because  of  its 
low  cost.  This  latest  move  by 
EMC  and  Dell  toward  ATA  drives 
could  give  ATA  a  boost  in  this 
battle  between  disk  and  tape, 
analysts  say. 

“EMC  is  traditionally  a  very  cau¬ 


tious,  conservative  compand’ says 
Tony  Prigmore,a  senior  analyst  at 
Enterprise  Storage  Group.  “Now 
what  you  are  seeing  is  very  rapid 
adoption  of  a  technology  you 
wouldn’t  expect  the  incumbent 
[storage  vendor]  to  be  first  to 
market  with.  No  one  expected 
EMC  to  do  this  that  fast.” 

ATA  drives,  commonly  used  in 
PCs  and  servers,  allow  back-up 
operations  at  as  much  as  eight 
times  the  speed  of  tape-based 
media  at  a  cost  that  approaches 
that  of  tape.  But  they  are  not  as 
reliable  or  as  fast  as  SCSI  or  Fibre 
Channel  alternatives,  experts  say. 

Enterprise  Storage  Group  says 


1G  byte  of  ATA  disk  space  will 
cost  $1.44  compared  with  99 
cents  for  Linear-Tape  Open  1  tape 
drives.  By  contrast,  1G  byte  of 
Fibre  Channel  storage  averages 
$63,  more  than  40  times  as  much 
as  ATA. 

Using  ATA  drives  for  backing 
up  data  and  tape  for  archiving 
data  is  not  new.  Vendors  of  net¬ 
work-attached  storage  (NAS) 
and  storage  systems  such  as 
ATTO  Technology,  Avamar  Tech¬ 
nologies,  Network  Appliance, 
Quantum  and  StorageTek  ship 
ATA-based  arrays  for  backing  up 
data.  EMC  uses  ATA  disks  in  its 
Centera  array  for  storing  data 


that  doesn’t  change  over  time, 
such  as  digital  images.  What  dif¬ 
ferentiates  Dell’s  and  EMC’s  ATA 
drives  from  these  products  is  that 
CX  arrays  can  attach  to  either  a 
storage-area  network  or  to  the 
network  as  NAS  devices. 

The  new  ATA  enclosure  is 
priced  starting  at  $21,000  with  a 
1 .25-terabyte  capacity  For  new  CX 
customers,  the  price  is  $127,000 
for  the  CX  array  with  10  terabytes 
of  capacity 

In  addition  to  the  disk  an¬ 
nouncement,  EMC  says  it  will 
offer  new  storage  software  for  its 
Clariion  and  Symmetrix  storage 
systems  that  lets  customers  mi¬ 
grate  and  distribute  data  between 
storage  arrays.  Called  EMC  SAN 
Copy  the  software  can  be  used  to 
transfer  large  chunks  of  data  from 
one  system  to  another  at  as  fast  as 
4  terabyte/hour. 

The  software  could  be  used,  for 
example,  to  move  information 
from  a  production  system  to  a 
test  system  for  application  tun¬ 
ing,  for  large  backups, or  for  shift¬ 
ing  information  from  an  older 
system  to  a  new  one.  It  costs 
$18,000. 

Vance  is  a  correspondent  with 
the  IDG  News  Service’s  San 
Francisco  bureau. 
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New  HP  services  aim  to  reduce  printing  costs 


■  BY  JENNIFER  MEARS 

PALO  ALTO  —  HP  is  rolling  out  services  it 
says  will  help  companies  manage  server 
and  printing  costs. 

In  two  announcements  last  week,  HP  un¬ 
veiled  an  on-demand  pricing  scheme  that 
will  let  HP  charge  corporations  only  for  the 
percentage  of  CPU  used  in  their  Super- 
dome  servers,  as  well  as  new  printing  and 
imaging  services  designed  to  streamline 
costs. 

“It  is  incumbent  upon  technology  com¬ 
panies  to  come  up  with  a  way  to  respond 
to  the  needs  of  customers  who  are  taking  a 
look  at  their  businesses  and  saying,  ‘Gee, 
the  revenue  picture  is  a  little  more  cloudy 
than  it  might  have  been  during  the  ’90s’  ” 
says  Irv  Rothman,  president  and  CEO  of  HP 
Financial  Services.“We’re  in  a  down  cycle.” 

As  a  result,  HP  Financial  Services  an¬ 
nounced  an  automated  metering  technol¬ 
ogy  that  monitors  exactly  how  much  of  a 
CPU  is  used  within  a  customer’s  Super- 


Costly  prints 

Imaging  and  printing  can 
consume  as  much  as 

15% 

of  a  company’s  annual  revenue. 

SOURCE:  CAP  VENTURES 


dome  server,  letting  customers  pay  for 
resources  only  when  they  need  them. 

HP  places  a  ProLiant  server  with  special 
software  on  the  customer  premises  to  auto¬ 
matically  track  CPU  usage.  That  data  is 
encrypted  and  securely  transmitted  to  HP 
via  the  Internet.  Customers  are  billed  only 
for  the  processing  power  they  use  within 
the  Unix  boxes.  Customers  must  guarantee 
25%  utilization  of  the  servers  per  month, 
but  Rothman  couldn’t  provide  an  average 
for  the  cost. 

HP  initially  rolled  out  its  On  Demand  ser¬ 
vices  in  2000,  but  this  is  the  first  time  it  has 
charged  customers  for  portions  of  CPU 
use,  rather  than  per  CPU,  he  says. 

David  Tapper,  senior  analyst  at  IDC,  says 
HP  is  demonstrating  that  it  has  the  tech¬ 
nology  to  bill  customers  in  a  utility-like 
manner,  but  is  still  not  providing  a  true  util¬ 
ity  model. 

“A  real  utility  is  one  in  which  you  share 
with  other  customers,”  he  says. 

As  for  printing  and  imaging  budgets,  HP 
says  it  will  be  able  to  cut  those  costs  by  as 
much  as  35%  by  providing  companies  with 
services  that  streamline  printing  and  imag¬ 
ing  jobs.  HP  is  competing  with  companies 
such  as  IBM,  which  already  offer  similar 
printing  services. 

HP  is  combining  its  services  capabilities 
with  its  printing  expertise  to  help  cus¬ 


tomers  view  imaging  and  printing  as  part 
of  the  IT  infrastructure,  thus  letting  them 
manage  costs  more  effectively,  says  Steve 
Culhane,  a  vice  president  at  HP 


HP’s  new  services  are  grouped  into  three 
areas:  business  critical,  to  help  ensure  the 
reliable  delivery  of  information  to  a  variety 
of  devices;  infrastructure, to  help  customers 


reduce  the  number  of  printers  and  other 
devices  used;  and  digital  publishing,  to  let 
customers  perform  such  tasks  as  printing 
on  demand.  ■ 
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Electronic  Labeling  Systems 


Tony  Seriqnese 
Information  Systems  Director 
Brother  International  Corporation 
Bridqewater,  NJ 

Uses  the  PT-230Q 
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In  my  office,  I  have  to  keep  everything 
running  smoothly.  From  servers  to  work¬ 
stations,  one  disruption  can  be  disastrous 
and  cost  the  company  a  lot  of  money. 

That's  why  I  use  the  P-touch®  PT-2300. 

With  P-touch  labels,  I  can  easily  identify  all  my 
servers,  workstations,  patch  panels,  cables 
and  face  plates,  making  troubleshooting  quick 
and  minimizing  downtime. 


job  done,  even  when 
I’m  out  of  the  office. 


From  LANs  to 
WANs,  Intranet 
to  Internet,  my 
P-touch  labeler  makes  every 
connection  possible. 


P-touch  systems  -  the  perfect  office  labels, 


wherever  your  office  may  be. 


P-touch®  Electronic  Labeling  Systems 
create  industrial  strength  and  standard 
adhesive-backed  laminated  labels  to 
organize  virtually  anything. 

•  Standard  Laminated  Tapes:  Bright,  easy-to- 
read  labels,  perfect  for  safety  precautions 
and  high  visibility  when  hidden  behind  cables. 
Available  in  a  variety  of  colors  and  widths. 

•  Security  Tapes:  Leave  a  checkered  pattern 
if  removed,  to  see  if  anyone  has  tampered 
with  them. 


Plus,  the  PT-2300's  portable  design  lets  me 
print  labels  virtually  anywhere.  Or,  I  can 
connect  it  to  my  PC  to  create  customized 
labels  with  my  company  logo  and  special 
datacom  symbols.  And  with  equipment  that’s 
clearly  marked,  I  can  trust  my  staff  to  get  the 


QUESTIONS 

about  P-touch  industrial  products? 

Email  the  product  manager  at 
lndustrial@brother.com 
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(800)622-6312 

(800)825-5517 

(800)463-9275 

(847)918-3700 

•  Extra-Strength  Adhesive  Tapes:  Adhere  up 
to  two  times  stronger  than  standard  laminated 
tapes.  Perfect  for  textured,  coated  surfaces 
such  as  patch  panels,  computer  equipment,  etc. 


Most  P-touch  systems  come  with  one  tape.  Adflitional  tapes  are  avaHaole  lor 
purchase.  Not  all  models  accept  all  tapes.  See  packaging  for  details. 


www.brother.com  •  1-877-4PT0UCH 
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IBM  set 
to  bulk-up 
Big  Iron 

■  BY  DENI  CONNOR  AND 
JENNIFER  MEARS 

Data  center  customers  running 
big  applications  and  supporting 
large  networks  will  be  the  targets 
of  a  powerful  new  mainframe 
IBM  is  set  to  debut  later  this  year. 

The  Generation  8  (G8)  main¬ 
frame, code  named  T-Rex,  initially 
will  have  16  processors  under  a 
single-system  image  —  meaning 
applications  and  data  sets  can  be 
run  across  multiple  processors 
—  but  will  expand  to  32  proces¬ 
sors  during  the  next  two  years 
and  eventually  support  as  many 
as  64  processors.The  G8  will  per¬ 
form  at  as  many  as  440  million 
instructions  per  second,  about 
33%  faster  than  the  fastest  IBM 
mainframe  today,  analysts  say. 
T-Rex  could  be  announced  by 
See  IBM,  page  12 


Brix  safeguards  Aetna  network 


■  BY  TIM  GREENE 

HARTFORD,  CONN.  —  When 
Aetna  decided  that  running  voice 
over  IP  among  some  of  its  100 
sites  could  save  money,  the  insur¬ 
ance  giant  turned  to  Brix  Net¬ 
works  to  monitor  voice  quality 
from  an  end-user  perspective. 

Aetna  already  used  Micro¬ 
muse’s  carrier-grade  NetCool 
management  platform,  but  that 
software  provides  a  centralized 
view  of  the  network,  says  Geof 
Carofino,  network  engineer  for 
Aetna.  Keeping  the  network  up 
to  par  for  voice  required  more 
continuous,  distributed  monitor¬ 
ing  to  check  for  delay  and  jitter 
that  could  degrade  voice  quality 
he  says. 

Aetna  has  installed  about  20 
Cisco  VoIP  gateways  between  tra¬ 
ditional  PBXs  and  the  WAN  links 
that  tie  the  sites  together.  If  a  site 
on  average  has  50  or  more  con¬ 
current  calls  with  other  sites,  run- 


Aetna  insures  voice  quality 


Aetna  uses  Brix  Networks'  gear  to  test  whether  its  WAN  is  up  to  handling 
high-quality  IP  voice  calls. 

Brix  verifier 


Cisco  gateways  turn  digital  voice 
into  IP  traffic  for  transport  over 
the  Aetna  WAN. 


Brix  verifier 
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VoIP  gateway 


© 


BrixWorx  software  reports  on  performance 
factors  such  as  delay,  packet  loss,  jitter  and 
out-of-sequence  packets. 


Brix  gear  at  each  site  simulates 
traffic,  including  voice,  to  test 
network  performance. 


PBX 


BrixWorx 


ning  IP  voice  over  the  data  WAN 
is  less  expensive  than  paying  the 
phone  company  for  regular  toll 
calls,  Carofino  says. 

Many  of  those  WAN  links  are 
dedicated  circuits,  so  enough 


U.S.  security  on  fast  track 

Program  aimed  at  accelerating  military’s  IT  procurement  processes. 


BY  ANN  BEDNARZ 


Technology  for  the  field 


A  handful  of  technology  ven¬ 
dors,  including  IBM,  are  participat¬ 
ing  in  a  series  of  demonstrations 
aimed  at  stocking  government 
agencies  more  quickly  with  the 
tools  they  need  to  combat  threats 
to  U.S.  security. 

The  demonstrations  are  part  of 
a  U.S.  Department  of  Defense  pro¬ 
gram  designed  to  expedite  the 
evaluation  and  deployment  of 
technologies  with  potential  mili¬ 
tary  application.  The  Advanced 
Concept  Technology  Demon¬ 
stration  (ACTD)  program,  which 
dates  to  1995,  is  responsible  for 
getting  new  tools  —  such  as 
unmanned  aerial  vehicles  and 
unattended  ground  sensors  —  in 
the  hands  of  agency  and  field  personnel  faster  and 
with  more  end-user  input  than  traditional  develop¬ 
ment  and  procurement  processes  allow. 

“An  ACTD  is  a  formal  Department  of  Defense  ac¬ 
quisition  process,”  says  Jeff  Gerald,  technical  man¬ 
ager  of  the  Homeland  Security  Command  and  Con¬ 
trol  ACTD.“We  demonstrate  these  technologies,  we 
refine  them,  and  then  we  look  to  transition  them  to 
the  services  and  combatant  commanders.  It’s  a  little 
bit  ‘try  before  you  buyf"  he  says. 

The  ACTD  program  is  about  “fast-tracking  technol¬ 
ogy  transfer  adds  Glenn  Cooper,  assistant  technical 
manager  of  the  Homeland  Security  ACTD.  “You 
could  probably  save  anywhere  from  three  to  five 


The  federal  government’s  Advanced  Concept  Technology 
Demonstration  (ACTD)  program  aims  to  put  emerging 
technologies  in  military  hands.  ACTD  projects  proposed 
for  this  year  include: 


Deployable  cargo-screening  ACTD: 

Automated,  high-throughput  cargo-screening  technology  for 
detecting  explosives  in  pallet  loads  of  cargo  moving  in  the 
defense  transportation  system. 

High-altitude  airship  ACTD: 

A  prototype  for  a  solar-powered  airship  that  can  fly  untethered 
at  70,000  feet  carrying  4,000  pounds  of  communication  and 
surveillance  gear. 

Urban  recon  ACTD: 

Advanced  airborne  and  terrestrial  3-D  reconnaissance  tools  for 
surveying  urban  areas.  Rapid  processing  software  will  aggregate 
sensor  data  and  provide  decision  aids  for  complex  mission¬ 
planning  functions. 


years  on  an  acquisition  process  by  using  a  technol¬ 
ogy  demonstration  program.’The  typical  acquisition 
cycle,  from  idea  to  deployment  in  the  field,  ranges 
from  seven  to  12  years,  he  says. 

Funded  last  year,  the  Homeland  Security  ACTD 
addresses  information  sharing  among  agencies 
involved  in  preventing,  tracking  and  responding  to 
security  incidents.  Its  goal  is  to  provide  a  secure, 
resilient  interagency  network  for  tracking  threats 
and  coordinating  agencies’  efforts  to  neutralize 
threats  and  recover  from  damage. 

Integration  is  a  big  part  of  the  project,  Cooper  says. 
“There  are  over  16,700  municipalities  in  the  U.S. 

See  ACTD,  page  14 


bandwidth  can  be  carved  out  to 
support  voice  and  guarantee 
that  delay  won’t  become  a  fac¬ 
tor  in  voice  quality.  But  the  com¬ 
pany  is  migrating  to  an  ATM 
WAN  in  which  voice  quality  will 
depend  on  IP  quality  of  service 
as  implemented  by  Cisco  gate¬ 
ways  and  routers.“We’re  moving 
to  ATM,  which  is  more  shared 
than  T-ls,”  Carofino  says.  “With 
dedicated  lines  we  almost  didn’t 
care  about  monitoring  perfor¬ 
mance  because  bandwidth  was 
all  dedicated  to  us.” 

Tracking  WAN  performance 

To  keep  track  of  WAN  perfor¬ 
mance,  Aetna  plugged  a  Brix  100 
Verifier  appliance  into  each  of 
the  160  subnets  in  its  network  to 
draw  a  picture  of  performance  at 
the  desktop. 

While  the  gear  is  made  for  ser¬ 
vice  providers  to  verify  that  they 
meet  service-level  agreements,  it 
can  serve  the  same  function  in 
large  corporate  networks.Verifiers 
can  sit  on  the  wire  in  a  network, 
monitoring  traffic  as  it  passes 
through  the  box  in  both  direc¬ 
tions,  or  they  can  connect  to  a 
switch  port  and  generate  test 
streams.  Aetna  attaches  them  to 
switch  ports  so  they  have  a  PC- 
eye  view  of  the  network. 

The  devices  generate  traffic 
such  as  simulated  voice  calls, 
DNS  lookups  and  Dynamic  Host 
Configuration  Protocol  requests. 
The  test  traffic  runs  between  the 
Brix  100s  to  a  pair  of  Brix  1000s 
at  the  Hartford  network  hub. 
Using  multiple  Verifiers  on  the 
network  and  monitoring  traffic 
in  both  directions  gives  a  better 
assessment  of  network  perfor¬ 
mance  than  pinging  the  network 


from  one  point,  according  to 
MierLabs,  a  member  of  the  Net¬ 
work  World  Global  Test  Alliance 
that  tested  IP  monitoring  tools 
including  Verifier  for  Network 
World  (see  www.nwfusion.com, 
DocFinder:  4746). 

Centrally  managed 

The  Brix  devices  report  to 
BrixWorx  software  located  at  a 
corporate  central  site  that  gath¬ 
ers  and  compiles  test  results. 
BrixWorx  then  reports  those 
results  to  the  NetCool  manage¬ 
ment  platform.  Since  the  Brix 
gear  was  installed  last  June  it  has 
discovered T-l  lines  that  were  not 
performing  as  they  should  be¬ 
cause  they  were  misconfigured, 
Carofino  says.Their  performance 
wasn’t  bad  enough  to  be  picked 
up  by  NetCool,  but  it  was  below 
T-l  standards.  “That’s  a  problem 
we  wouldn’t  have  known  about,” 
he  says. 

Aetna  looked  at  competing 
products  from  NetlQ,  Topaz  and 
Concord,  but  they  involved  at¬ 
taching  PCs  to  the  network  to 
gather  data.  “There  was  no  way 
we  were  going  to  implement 
that,”  Carofino  says. 

The  Brix  gear  checks  with 
BrixWorx  periodically  and  down¬ 
loads  any  software  updates  that 
have  been  posted  there.  The 
Verifiers  do  this  automatically 
and  reboot  themselves.“It’s  main¬ 
tenance-free,”  Carofino  says.  ■ 


Convergence 
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Powering  Up;  Keeping  Costs  Down 

“It’s  simple:  If  our  people  can’t  >  A *  Fortunately,  Sierra  Pacific  has  a 

access  the  network, our  customers  robust  enterprise  network  that 

go  dark,”  says  Chuck  Benton,  net-  SiCTT<t  Pacific"  not  on*y  ensures  the  highest 
work  analyst  at  Sierra  Pacific  "  *  s  °  u  "  0  c  s  availability  but  supports  new 
Resources,  a  private  utility  that  provides  business-enhancing  applications — such  as 
electricity  to  843,000  customers  through-  videoconferencing — to  improve  productivity 
out  Nevada  and  northeastern  California.  and  streamline  costs. 

The  Bottom  Line:  More  than  $277,000  in  yearly  savings. 

_ V 

Find  out  more  at  enterasys.com/nw/sierra-pacific2 


Security  Concerns?  Harness  Built-In  Enterprise  Switch  Features 

While  the  first  automobile  seat  belts  were  invented  100  years  ago,  it  wasn't  until  the  1980s  that  they  were  used 
with  great  frequency.  Similarly,  the  enterprise  network  has  provided  a  level  of  built-in  security  many  organizations 
may  have  overlooked.  But  because  the  network  is  now  an  integral  part  of  the  business — with  much  more  at 
stake — companies  are  now  looking  to  beef  up  their  security  any  way  they  can. 


Packet  classifica¬ 
tion  coupled  with 
user  authentication 
allows  multilayer 
switches  to  provide 
a  reliable  first  line 
of  defense  at  the 
network  edge. 


The  Evolution  of  a  More  Secure  Switch 

Enterprise  switching  technology  has 
evolved  over  the  last  several  years  to 
include  security  features  that  are  imple¬ 
mented  with  “just  a  click.”  Multilayer 
packet  classification,  sometimes  referred 
to  as  Layer  2+,  enables  a  switch  to  take 
action  based  on  criteria  other  than  a  PC’s 
address  (Layer  2)  or  the  next  router  hop 
(Layer  3).  This  means  a  switch  can 
switch,  prioritize,  limit,  or  block  packets 
based  on  a  number  of  factors,  including 
the  type  of  application,  protocol,  Quality 
of  Service  (QoS),  and  even  the  user. 

However,  in  select  multilayer  switches,  built-in 
packet  classification  provides  for  additional 
security  services: 

•  Deny  Spoofing  Service  allows  the 
switch  to  enforce  a  set  of  rules  that  pre¬ 
vents  a  user  from  acting  as  a  valid 
administrative  service — for  example, 
attempting  to  resolve  DNS  queries  as  a 
DNS  Server. 


Deny  Unsupported  Protocol  Access 
Service  allows  the  switch  to  deny  all 
“unsupported”  protocols,  such  as  rout¬ 
ing  protocols  (RIR  OSPFetc.)  originating 
from  a  user,  or  older  protocols  such  as 
IPX  and  AppleTalk. 

Intrusion  Prevention  Service  allows  the 
switch  to  deny  traffic  containing  well- 
known  Layer  4  ports  associated  with  attacks 


on  network  resources.This  helps  safeguard 
the  entire  network  by  blocking  known 
attacks,  such  as  common  port  scans. 

Limit  Exposure  to  Denial  of  Service 
(DoS)  Attacks  Service  is  a  set  of  rules 
that  allows  the  switch  to  deny  or  limit 
the  use  of  protocols  known  to  be  DoS 
attacks,  such  as  limiting  the  bandwidth 
allocated  to  a  user  for  ICMP  (ping). 


•  Protocol  Priority  Access  Control 
Service  lowers  the  overall  priority  of  less 
important  network  traffic.  By  lowering  the 
Class  of  Service  given  to  this  traffic,  the 
administrator  limits  the  impact  of  the 
resource-intensive  application,  but  the 
user  community  can  still  take  advantage 
of  the  access  they  have  come  to  expect. 

What  About  Authentication? 

To  extend  security  even  further,  more 
advanced  multilayer  switches  support  a 
variety  of  standards-based  802. IX  user 
authentication  mechanisms  that  identify 
each  user. 

To  learn  more  about  this  critical  security  fea¬ 
ture  and  others  that  can  be  deployed  easily 
with  a  click — much  like  a  seat  belt — go  to 


enterasys.com/nw/security-concerns2 
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The  Webcast  Your 
Competition  Doesn't  Want 
You  to  Watch! 


The  Matrix  El:  The  Right  Switch  at  the  Right  Price 


The  Matrix  El  Multilayer  Workgroup  Switch 
and  Gigabit  Workgroup  Switch  from 
Enterasys  Networks  provide  industry-stan¬ 
dard  switching  and  routing,  enhanced  with 
advanced  packet  classification  and  Quality 
of  Service  (QoS)  features. 

Compare  the  Matrix  El  Series  with 
Cisco’s  Catalyst  3550  Series  for  capacity, 
performance,  and  flexibility: 

•  Capacity — The  Matrix  El  has  twice  the 
number  of  10/100  ports  as  the  Catalyst 
3550-48. 

•  Performance — The  Matrix  El’s  packet 
forwarding  rate  is  60%  higher  than  the 
Catalyst  3550-48. 


•  Flexibility — The  modular  Matrix  El 
supports  a  wider  range  of  technologies 
(10/100,  10/100/1000,  100FX,  1  Gig), 
while  the  Catalyst  3550-48  is  a  fixed-con¬ 
figuration  switch  supporting  only 
10/100  and  1  Gig. 

The  Matrix  El  delivers  all  of  these 
advantages  at  a  more  competitive  price. 

With  multilayer  packet  classification,  the 
Matrix  El  also  supports  sophisticated  security 
capabilities  (see  above).  When  combined 
with  Enterasys’  NetSight  Atlas  management 
platform,  the  Matrix  El  provides  the 
advantage  of  highly  secure  network 
access  for  both  users  and  administrators. 


Other  impor¬ 
tant  security- 
related  features 

include  support  for  802.  IX  Authentication, 
MAC  Address  Authentication,  MAC  Port 
Locking,  Access  Control  Lists  (ACL), 
Extended  Access  Control  Lists  (ACL)  and 
policy-based  services  (anti-spoofing, 
unsupported  protocol  denial,  intrusion 
prevention, and  DoS  Attacks  limits). 

The  Matrix  El  is  part  of  a  full  line  of  high-per¬ 
formance,  multilayer  switches  from  Enterasys 
Networks.  To  learn  more  about  this  highly 
secure,  competitively  priced  switch,  go  to 
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networks.  The  timing  of  the  an¬ 
nouncement  fei!  a  week  before 
the  annual  Cellular  Telecommu¬ 
nications  &  Internet  Association 
(CTIA)  conference  in  New  Or¬ 
leans,  where  the  biggest  names  in 
wireless  are  expected  to  show 
how  Wi-Fi  fits  into  their  broad¬ 
band  service  plans. 

“There  seems  to  be  a  bit 
of  a  gold-rush  mentality 
says  Roger  Entner.an  ana¬ 
lyst  at  The  Yankee  Group. 

“Wi-Fi  is  expected  to 
bring  in  $1.5  billion  in 
revenue  by  2007.  That’s 
not  a  huge  moneymaker’’ 

It  remains  to  be  seen  if 
Wi-Fi  will  be  “real  gold  or 
fool’s  gold,”  he  says. 

Intel  goes  wireless 

Intel,  for  one,  is  sold  on 
Wi-Fi.  Last  Monday,  two 
days  before  taking  the. 
wraps  off  Centrino,  the 
company  announced  in¬ 
vestments  in  four  Wi-Fi 
start-ups  (from  carrier- 
class  technology  provider 
Pronto  Networks  to  enter¬ 
prise  wireless  LAN  switch 
company  Vivato)  as  part 
of  a  $150  million  funding  pro¬ 
gram  it  aired  last  fall. 

Intel  intends  for  Centrino  to 
sow  the  seeds  of  what  the  com¬ 
pany  and  many  industry  ob¬ 
servers  expect  soon  will  be  mil¬ 
lions  of  notebook  computers 
and  other  devices  that  easily  can 
connect  to  a  wireless  LAN,  a  cel¬ 
lular  data  network  or  both. 
“People  are  really  ready  to  use 
this  technology’  says  Craig  Bar¬ 
rett,  Intel  CEO. 

Centrino  is  based  on  the  Pen¬ 
tium  M  processor,  which  uses  a 
different  chip  architecture  from 

\  I  / 


Intel’s  earlier  mobile  chips,  such 
as  the  Pentium  4-M.  Last  week, 
Intel  unveiled  four  standard  ver¬ 
sions  of  the  Pentium  M, ranging  in 
speeds  from  1.3GHz  to  1.6GHz, 
and  ranging  in  price  from  $292  to 
$720.  There  also  are  two  other, 
low-voltage  versions. 

Although  Pentium  M  is  slower 
than  the  Pentium  4-M,  Intel  says 
the  new  chips  deliver  higher 
performance  and  considerably 


A  Wi-Fi  world 

Worldwide  adoption  of  802.11 
wireless  LANs  is  on  the  rise  in 
enterprise  networks  at  home. 
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longer  battery  life.  Already,  PC 
vendors,  including  Acer,  Dell,  IBM 
and  Toshiba,  have  demonstrated 
Centrino  notebook  PCs.  (See 
other  vendors  that  are  adding 
the  technology  to  their  note¬ 
books,  page  34.) 

All  that  users  of  the  devices  will 
need  is  a  place  to  connect.  And 
carriers  —  including  the  recently 
launched  Cometa  Networks  — 
plan  to  create  a  lot  of  those 
places,  dubbed  hot  spots. 

“The  service  providers  see  Wi-Fi 
as  a  way  of  encouraging  broad¬ 
band  usage  in  the  wireless  space,” 
says  Ron  Angner,  principal  with 
strategic  consulting  firm  The  Man¬ 
agement  Network  Group  and  gen¬ 
eral  manager  of  the  firm’s  wireless 
and  operations  support  system 
practices.  Cometa  —  a  company 
that  AT&T,  IBM,  Intel  and  others 
formed  —  hired  TMNG  to  help 
shape  the  wireless  service  whole¬ 
saler’s  business  strategy 

“For  a  salesperson  to  be  able  to 
pop  in  to  get  a  cup  of  coffee  and 
use  the  coffee  shop’s  hot  spot  to 
get  access  to  his  enterprise  net¬ 
work,  is  incredible,”  Angner  says. 

At  the  CTIA  Wireless  2003  con¬ 
ference,  TMNG  will  demonstrate 
two  hot-spot  models  and  show 
carriers  how  they  can  bill  sub¬ 
scribers  based  on  bandwidth, 
location,  duration  or  a  combina¬ 


tion  of  these.“It  gives  everyone  in 
the  [telecom]  value  chain  a  little 
piece  of  the  pie  and  the  ability  to 
bill  for  the  services  they  actually 
deliver]’  he  says. 

Showtime  for  Wi-Fi 

Wi-Fi  is  expected  to  take  center 
stage  at  the  CTIA  event,  which, 
despite  all  the  activity  in  the  mar¬ 
ket,  is  expected  to  see  a  big  atten¬ 
dance  drop-off  like  many  other 


Wireless  LAN  client  shipments: 


■  Enterprise 

■  SOHO/home 


SOURCE:  SYNERGY  RESEARCH  GROUP 


trade  shows.  Whereas  25,000 
people  attended  last  year,  only 
11,000  were  preregistered  as  of 
press  time. 

Those  who  go  should  expect  to 
see  the  latest  in  wireless  devices 
with  an  “emphasis  on  supporting 
wireless  data  for  the  masses,”  says 
Craig  Mathias,  principal  at  con¬ 
sulting  firm  Farpoint  Group  (for  a 
look  at  one  successful  wireless 
implementation, see  page  17). 

IBM  says  it  will  announce  a  deal 
to  deploy  wireless  LAN  hot  spots 
at  more  than  1,000  truck  stops 
across  the  U.S.  With  secure  wire¬ 
less  access  via  a  VPN  to  corporate 
networks,  trucking  and  logistics 
companies  will  be  able  to  share 
data  and  applications  directly 
with  notebook-equipped  drivers. 

Columbia  Advanced  Wireless 
will  sell  the  sites 
and  use  IBM’s 
I  n  t  e  1  -  b  a  s  e  d 
eServer  machines 
running  Linux 
and  Rocksteady 
Networks’  Net¬ 
work  Sharing  Ap¬ 
plication.  The  ap¬ 
plication  deter¬ 
mines  whether 
truckers  are  au¬ 
thorized  to  enter 
the  hot  spot  and 
dynamically 


manages  the  Internet  session 
based  on  the  client  machine’s 
credentials. 

Service  provider  Boingo  Wire¬ 
less,  which  offers  national  Wi-Fi 
service  based  on  a  network  of 
access  points  from  hundreds  of 
providers,  also  plans  an  an¬ 
nouncement  at  the  show. 

Details  were  not  available  at 
press  time,  but  Boingo’s  CEO  and 
founder,  Sky  Dayton,  is  expected 
to  elaborate  on  the  com¬ 
pany’s  announcement 
from  last  week.  The  ser¬ 
vice  provider  launched 
a  reseller  program  that 
lets  other  providers  sell 
its  Wi-Fi  offerings. 

Boingo  also  announc¬ 
ed  it’s  developing  soft¬ 
ware  to  let  traditional 
wireless  service  pro-  ! 
viders  that  operate  Gen¬ 
eral  Packet  Radio  Ser¬ 
vice,  Code  Division  Mul¬ 
tiple  Access,  lxRTT  and 
iDEN  networks  offer 
Boingo  Wi-Fi  services. 
This  will  let  travelers 
choose  between  their 
wireless  LAN  or  mobile 
data  service,  depending 
on  their  location  and 
the  type  of  access  they 
need. 

Boingo  will  need  to  strike  deals 
with  Cingular,  Verizon  Wireless 
and  Nextel  to  make  this  service 
work.  Boingo  says  the  software  is 
expected  to  be  available  later 
this  year. 

Such  deals  might  prove  to  be  in 
the  best  interest  of  traditional  ! 
wireless  service  providers  along 
with  those  moving  to  3G  tech¬ 
nologies,  Mathias  says.“Will  wire¬ 
less  LANs  take  business  away 
from  3G  providers?  Absolute^’ 
he  says. 

T-Mobile  was  the  first  tradi¬ 
tional  mobile  service  provider 
that  recognized  the  threat  and 
opportunity  that  Wi-Fi  presents. 
The  carrier  has  been  building  a 
Wi-Fi  network  to  offer  business 
and  consumer  customers  its 
HotSpot  wireless  LAN  service.  ■ 
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IBM 

continued  from  page  10 

mid-May  and  is  the  first  update 
to  IBM’s  zSeries  line  since  the 
z800  was  introduced  in  February 
2002. 

IBM  declined  to  comment  on 
the  G8,  but  in  a  March  1 1  report 
on  IBM,  Merrill  Lynch  First  Vice 
President  Steve  Milunovich 
wrote  that  Bill  Zeitler,  senior  vice 
president  and  group  executive 
for  the  IBM  server  group,  con¬ 
firmed  that  the  G8  would  be 
available  mid-year. 

The  T-Rex  could  be  crucial  for 
Big  Blue  as  IBM  expects  to  target 
about  half  of  the  3,000  existing 
z800  and  z900  customers  with 
the  G8,  Milunovich  wrote.  Main¬ 
frame  sales  accounted  for  $3  bil¬ 
lion  of  IBM’s  total  $81  billion  in 
revenue  in  2002. 

Initially  the  market  for  the  G8 
likely  will  be  limited  to  IBM’s 
largest  customers.“It’s  not  a  large 
number  of  customers  that  will 
need  this  machine,”  says  John 
Phelps,  vice  president  and 
research  director  at  Gartner. 
“Those  [that  do]  are  going  to  be 
the  people  who  have  the  large 
data  centers  and  right  now  are 
doing  things  with  three-  and  four¬ 
way-connected  Parallel  Sysplex 
[mainframe  clusters] .  They  will 
be  able  to  do  more  in  a  single 
system.”  Parallel  Sysplex  is  an 
IBM  technology  that  lets  users 
strap  together  multiple  main¬ 
frame  processors  to  act  as  one 
unit. 

“I  can  see  that  big  companies 
that  have  several  large  z900s 
could  save  money  by  consoli¬ 
dating  workloads  on  fewer  T-Rex 
boxes,”  says  Eric  Bielefeld, 
senior  systems  programmer  at 
P&H  Mining  Equipment  in  Mil¬ 
waukee,  which  currently  runs 
the  smaller  MP3000  mainframe. 
“It  would  be  cheaper  and  more 
efficient.  Parallel  Sysplex  ex¬ 
pends  a  lot  of  cycles  just  com¬ 
municating  with  the  other 
CPUs.  [With  the  T-Rex],  this 
would  all  be  done  internally  at 
memory  speeds.” 

Phil  Payne,  research  director 
for  Isham  Research,  says  that 
while  the  initial  market  might  be 
small,  demands  for  such  a  high- 
capacity  machine  are  growing  as 
businesses  run  more  applica¬ 
tions  on  the  Internet. 

“Part  of  the  need  is  the  organic 
growth  of  applications,”  he  says. 
“Customers  have  successfully 
front-ended  legacy  applications 
to  the  Web.  .  .  .  The  Web  has 
increased  the  normal  amount  of 
business  you  would  expect.”  ■ 


you're  busy  monitorpng  your  servers 
who's  watching  your  business? 


The  new  HP  ProLiant  DL740 
8-way  with  hot- plug 
RAID  memory. 

•  Ultradense  4u  modular  chassis 
with  up  to  eight  Intel®  Xeon™  MP 
1.5  GHz  or  2.0  GHz  processors 

•  Up  to  64GB  addressable  memory 

•  Groundbreaking  F8  chipset 

■  6-64  bit/100  MHz  PCI-X  slots 

•  Integrated  Lights-Out  Standard 
(iLO)  for  Remote  Server  Mgmt. 


The  new  HP  ProLiant  DL760 
G2  8-way  with  hot-plug 
RAID  memory. 

•  Up  to  eight  Intel®  Xeon™  MP 

1.5  GHz  or  2.0  GHz  processors 

•  Up  to  64GB  addressable  memory 

•  Groundbreaking  F8  chipset 

•  10-64  bit/100  MHz  PCI-X, 

1-64  bit  33  MHz  slots 

•  Remote  Insight  Lights-Out  Edition  II 
(optional)  for  Remote  Server  Mgmt. 


What  challenges  do  you  face  today?  Decreasing  budgets?  The 
lurking  possibility  of  downtime?  It's  hard  enough  to  focus  on 
moving  your  business  forward  when  you're  constantly  looking 
over  your  shoulder  to  see  if  everything  is  up  and  running. 

Besides,  that's  the  job  of  the  new  HP  ProLiant  DL700  series 
running  Intel®  Xeon™  MP  processors.  An  adaptive  infrastructure 
begins  with  these  HP  ProLiant  servers  which  come  equipped 
with  tools  that  predict,  self-diagnose  and  fix  many  fault 
conditions.  And  now  with  hot-plug  RAID  memory  exclusively 
from  HR  you  can  add  or  replace  DIMMs  without  turning 
your  systems  off.  Both  work  with  the  HP  ProLiant  Essentials 
Foundation  Pack  featuring  Insight  Manager  7software  which 
monitors  and  controls  your  infrastructure  for  maximum  uptime. 

At  the  end  of  the  day,  you'll  have  more  control  over  your 
infrastructure,  help  avoid  unplanned  downtime  and  reduce 
overall  maintenance  costs.  Not  to  mention  freeing  yourself 
up  for  more  important  things. 

To  learn  how  HP  ProLiant  servers  can  be  a 
part  of  maximizing  your  company's  uptime, 
download  CMP's  executive  brief  on  high  availability 
at  www.hp.com/go/proliant92  or  call 
1  -800-282-6672,  option  5,  and  mention  code  YPQ. 
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Web  services  hurdles 

Widespread  adoption  of  Web  services  technology  by  corporate  customers  faces  four 
major  obstacles  —  security,  reliable  messaging,  process  flow  and  management. 


Needs 

Issue 

Protocols  in  the  works 

Status 

Security 

Authentication  and  authorization 

WS-Security 

Solid  backing  from 
all  major  players 

Reliable 

messaging 

Guaranteed  delivery  of  messages 
between  applications,  especially 
for  high-value  transactions 

WS-Reliable  Messaging 
(IBM/Microsoft);  WS- 
Reliable  Messaging 
(OASIS) 

Initial  phase  of  work 

Process/ 

orchestration 

Building  business  workflow 
between  Web  services 

Business  Process 
Execution  Language 
for  Web  services; 
Business  Process 
Specification  Schema; 
Business  Process 
Modeling  Language 

Active  debate 
on  best  course 
of  action 

Management 

Managing  uptime,  performance 

WS-Distributed 

Management 

Initial  phase  of  work 

Standards 

continued  from  page  1 

workflow.  The  two  also  created 
the  Web  Services  Interoperabil¬ 
ity  Organization  (WS-I),  which 
offers  guidance  for  developing 
interoperable  Web  services.  WS-I 
gained  notoriety  because 
IBM/Microsoft  initially  denied 
rival  Sun  a  board  seat  in  what 
was  deemed  an  obvious  power 
play. This  week,  WS-I  will  vote  on 
Sun’s  bid  to  join  the  group’s 
board. 

“Most  vendors  see  Web  services 
as  a  land-grab  opportunity  and 
are  seeking  to  stake  claims  on  ter¬ 
ritory?’  says  Ron  Schmelzer,  an 
analyst  with  ZapThink.  “Cus¬ 
tomers  are  far  from  implement¬ 
ing  many  of  these  immature  spec¬ 
ifications  so  we  have  to  interpret 
this  land-grab  standards  mental¬ 
ity  as  a  way  for  vendors  to  posi¬ 
tion  their  companies  and  their 
products  as  the  platforms  of 
choice  for  implementing  this  new 
breed  of  application." 

Schmelzer  says  to  expect  more 
major  standards  battles  this  year. 

“There  is  little  incentive  for  ven¬ 
dors  to  get  along  these  days.They 
are  each  pitching  products  at  dif¬ 
ferent  locations  on  the  Web  ser¬ 
vices  continuum,  and  thus  have 
their  own  agendas  when  propos¬ 
ing  a  specification,”  he  says. 

IBM  and  Microsoft  officials 


don’t  deny  their  recent  efforts  are 
part  of  a  broader  Web  services 
environment  they  have  been 
proposing  for  more  than  a  year. 
The  two  say  they  are  proposing 
protocols  that  will  help  their  cus¬ 
tomers  integrate  products,  but 
said  standardization  is  the  end 
game.  Steven  VanRoekel,  director 
of  Web  services  marketing  for 
Microsoft,  says  the  reliable  mes¬ 
saging  work  had  been  underway 
for  a  year  and  was  so  close  to 
completion  they  decided  to  con¬ 
tinue  instead  of  joining  WS-RM. 


“You  can  count  on  the  fact  that 
our  goal  is  to  work  with  the  indus¬ 
try  to  arrive  at  one  standard,  but 
the  drive  toward  a  single  standard 
doesn’t  always  follow  a  straight 
path,”  says  Karla  Norsworthy, 
director  of  dynamic  e-business 
technologies  for  IBM. 

But  members  of  the  OASIS  com¬ 
mittee  that  were  snubbed  by  IBM/ 
Microsoft  see  things  differently 
“It’s  unfortunate  that  there  is  this 
type  of  politics  at  the  major  ven¬ 
dor  level,”  says  Dave  Chappell, 
chief  technology  evangelist  at 


Sonic  Software,  which  along  with 
Fujitsu,  Hitachi,  Oracle,  NEC  and 
Sun  created  the  foundation  spec¬ 
ification  for  the  OASIS  WS-RM 
technical  committee.  “In  the 
grand  scheme  of  things,  cus¬ 
tomers  want  to  see  vendors  coop¬ 
erate,  not  compete,  for  the  estab¬ 
lishment  and  adoption  of  stan¬ 
dards.  The  long-term  effect  is  that 
it  causes  rifts  and  the  user  base 
will  not  adopt  anything.” 

Many  users  agree  that  stan¬ 
dards  work  should  happen  with¬ 
in  recognized  standards  bodies 
or  consortiums. 

“You  start  this  proprietary  junk 
and  it  will  kill  us,”  says  John 
Picanso,  CTO  at  the  Colorado 
Department  of  Agriculture.  “If  we 
don’t  have  standards  to  support 
what  we  are  doing,  we  are 
cooked.  All  this  does  is  slow  down 
the  process.” 

Sun,  itself  accused  of  polluting 
the  waters  around  Web  services 
standards  development  with  its 
early  objections  to  XML  and 
Simple  Object  Access  Protocol 
(SOAP),  says  IBM  and  Microsoft 
are  undermining  the  true  value  of 
standards. 

“They  are  driving  fragmentation 
and  creating  confusion  with  no 
good  business  rationale,”  says  Ed 
Julson,  group  manager  for  Web 
services  standards  and  technolo¬ 
gies  at  Sun. 

IBM  and  Microsoft  are  following 
a  path  they  laid  out  last  year  when 
they  released  their  first  tag-team 
specification  called  WS-Security 
which  is  now  on  a  standards  track 
at  OASIS,  and  a  white  paper  out¬ 
lining  their  plan  of  attack. 

The  two  are  building  a  frame¬ 
work  where  security,  reliability 
and  provisioning  requirements 
are  expressed  in  a  standard  way 


within  one  policy  extension, 
called  WS-Pblicy,  to  SOAP  instead 
of  attaching  a  series  of  individual 
extensions  to  a  SOAP  message. 
Their  work  on  BPEL4WS  and  reli¬ 
able  messaging  align  with  that 
policy  model. 

But  none  of  the  specifications 
have  been  submitted  to  a  stan¬ 
dards  body  including  WS-Balicy. 

However,  the  two  are  using  that 
model  to  dominate  the  develop¬ 
ment  of  Web  services  standards 
deemed  most  critical  for  corpo¬ 
rate  technology  adoption. 

“IBM  and  Microsoft  drive  any¬ 
thing  that  has  to  do  with  Web  ser¬ 
vices,”  says  Anne  Thomas  Manes, 
research  director  at  Burton  Group 
and  an  active  participant  in  many 
Web  services  standards  organiza- 
tions.“It  worries  me  that  they  have 
that  much  control,  but  at  the 
same  time  they  are  providing 
good  stuff  and  they  are  teaming 
with  experts.” 

IBM  and  Microsoft  teamed  with 
VeriSign  to  develop  WS-Security 
They  worked  with  BEA  on 
process  workflow;  and  Tibco  and 
BEA  on  reliable  messaging. 

“But  the  real  concern,"  Manes 
says, “is  over  intellectual  property 
rights.  Both  companies  are  still 
reserving  the  right  to  their  intel¬ 
lectual  property  on  a  lot  of  this 
work.  It  gives  them  so  much  more 
control  in  the  long  run.” 

IBM  has  offered  its  contribution 
to  WS-Security  royalty  free,  and 
Microsoft  says  it  has  done  the 
same.  But  the  same  issue  over  the 
duo’s  BPEL4WS  and  reliable  mes¬ 
saging  work  won’t  be  addressed 
until  those  proposals  are  submit¬ 
ted  to  a  standards  body 

One  source  at  OASIS  says 
Microsoft  didn’t  join  their  efforts 
on  reliable  messaging  because 
the  company  balked  at  the  intel¬ 
lectual  property  rights  (IPR)  state¬ 
ment  adopted  by  the  OASIS  WS- 
RM  technical  committee.  The 
source  says  IBM  was  fine  with  the 
statement. 

Tom  Rutt,  co-chair  of  WS-RM, 
holds  out  hope  that  IBM  and 
Microsoft  will  join  his  technical 
committee  soon  to  assure  that 
their  ideas  get  woven  into  the 
group’s  final  specification,  due  in 
September. 

“I’d  like  to  invite  IBM  and  Micro¬ 
soft  to  submit  their  specifications 
on  Web  services  reliable  messag¬ 
ing  to  our  [technical  committee], 
assuming  they  are  willing  to  go 
royalty  free  on  the  IPR,"  Rutt  says. 
“We  have  enough  momentum  to 
get  a  real  workable  spec."  ■ 

Get  more  information  online. 
Docfinder:  4742 
www.nwfiisiM.caa 


ACTD 

continued  from  page  10 

Each  one  buys  its  own  systems  and  equipment,  and 
all  the  federal  and  state  organizations  do  their  own 
purchasing,”  he  says.There’s  very  little  homogeneity 
in  that  process.” 

For  its  part,  IBM  is  working  with  ACTD  participants 
on  an  early  warning  system  that  alerts  officials  when 
disaster  strikes  through  a  variety  of  media,  including 
instant  messages. 

IBM  provided  technology  and  expertise  used  in 
one  of  two  mock  terrorist  events  that  team  mem¬ 
bers,  representing  more  than  50  federal,  state  and 
local  agencies,  staged  last  year.  Spanning  20  venues 
and  six  states,  the  December  event  simulated  multi¬ 
ple  attacks  against  civilian  and  military  targets, 
including  a  barge  explosion  in  Louisiana  and  simu¬ 
lated  attacks  against  Navy  and  Marine  facilities  in 
San  Diego. 

Big  Blue’s  contribution  centered  around  three 
products: 

•  IBM  Directory  Integrator,  a  metadirectory  prod¬ 
uct  for  synchronizing  and  exchanging  information 
between  applications  or  directory  sources.  IBM 
deployed  its  directory  integration  software  to  allow 
ACTD  team  members  to  build  a  consistent  directory 
infrastructure  and  add,  modify  or  remove  organiza¬ 
tions  as  necessary 

•  IBM  UDD1  Registry,  a  Universal  Description, 
Discover)'  and  Integration  (UDDI)-compliant  reg¬ 
istry  IBM  modeled  data  within  its  UDD1  Registry  so 


Defense  Department  participants  could  publish  and 
locate  Web  services  applications.  Through  Web  ser¬ 
vices  technologies,  Homeland  Security  ACTD  team 
members  plan  to  link  legacy  systems  from  intelli¬ 
gence  agencies,  military  command  centers,  and 
state  and  local  governments  with  new  applications 
to  facilitate  information  sharing. 

•  IBM  Lotus  Sametime,  an  instant-messaging  and 
Web-conferencing  platform.  IBM  collaborated  with 
project  participants  to  devise  options  for  sending 
alerts  and  advisories  to  parties  using  tools  that  are 
interoperable  with  Defense  Collaboration  Tool 
Suite,  the  Defense  Department’s  existing  set  of 
instant  messaging,  file  sharing  and  other  collabo¬ 
rative  applications. 

Along  with  IBM,  a  handful  of  other  vendors  partic¬ 
ipated  in  the  December  demonstration.  Swan  Island 
Networks,  for  example,  provided  its  Secure  Wide 
Area  Response  Management  software,  which  lets 
agencies  distribute  text,  graphics,  audio  and  video 
files  to  emergency  personnel  and  then  secure  sensi¬ 
tive  information  on  local  devices  using  caching 
technology 

Infraworks  contributed  its  InTether  Server  software, 
which  lets  users  secure  files  at  the  Web-server  level 
by  restricting  recipients  from  copying,  printing  or  for¬ 
warding  a  file  after  download;  limiting  the  amount  of 
time  digital  files  can  be  viewed  after  download;  and 
controlling  when  a  file  should  be  deleted  from  a 
client’s  hard  drive. 

Other  commercial  participants  include  BEA 
Systems,  NuParadigm,  Nokia  and  SAIC.  ■ 
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Wireless  net  challenges  hospital  IT  group 


Takes 

■  InfiniBand  start-ups  InfiniSwitch 
and  Lane  15  Software  said  last 
week  that  they  will  merge.  The  new 
company  will  be  called  InfiniSwitch. 

It  will  focus  on  products  for  cluster¬ 
ing  servers  in  data  centers  to 
improve  performance  and  efficiency. 
InfiniSwitch,  which  has  dem¬ 
onstrated  a  12-port  InfiniBand 
switch  and  a  four-port  host  channel 
adapter,  competes  with  start-ups 
Voltaire  and  Inf iniCon.  The  compa¬ 
nies  join  a  handful  of  others  invest¬ 
ing  in  next-generation  bus  technol¬ 
ogy,  including  Sun,  and  start-ups 
Topspin,  Voltaire  and  InfiniCon.  HP, 
IBM  and  other  companies  have 
decided  that  rather  than  natively 
enabling  their  servers  with  the  tech¬ 
nology,  they  will  provide  switches 
like  those  from  InfiniSwitch  that 
bridge  and  route  InfiniBand  to 
Gigabit  Ethernet  networks.  The  com¬ 
bined  InfiniSwitch  will  have  as  many 
as  80  employees,  half  of  them  in 
Westborough,  Mass.,  and  the  other 
half  in  Austin,  Texas.  They  will  con¬ 
tinue  operations  in  both  offices.  No 
value  was  placed  on  the  deal. 

■  HP  has  taken  the  wraps  off  a  new 
server  that  cuts  the  size  of  its  four- 
processor  ProLiant  systems  in  half. 
The  company  last  week  announced 
the  ProLiant  DL560  server,  which 
packs  four  of  Intel’s  Xeon  processors 
in  a  2U-high  system.  While  it  lacks  a 
few  features  of  larger,  4U-high  ser¬ 
vers,  customers  will  receive  the  same 
processing  power  in  a  smaller  space, 
which  can  help  reduce  the  size  of 
data  centers,  the  company  says.  HP 
expects  the  four-processor  server  to 
add  options  for  customers  seeking  to 
serve  up  Web  pages  or  e-mail  and  to 
run  business  software  from  SAP. 

A  configuration  with  a  1.5GHz  Xeon 
and  512M  bytes  of  memory  starts  at 
$7,100.  Configurations  with  2.0-GHz 
and  1.9-GHz  Xeons  also  will  be  avail¬ 
able.  HP  will  support  Microsoft 
Windows  2000  Advanced  Server  and 
Windows  2003  Server  along  with  Red 
Hat’s  Linux  Advanced  Server,  SuSE 
Linux  and  Novell's  NetWare  operating 
systems,  www.hp.com 


■  BY  JOHN  COX 

Managing  big  enterprise  wireless 
LANs  is  a  matter  of  weaving 
together  a  variety  of  products 
and  policies,  according  to  St.  Vincent’s 
Hospital  in  Birmingham,  Ala. 

The  IT  group  blanketed  the  hospital’s 
five-building  campus  with  167  Cisco 
wireless  access  points  to  create  one  of 
the  biggest  Cisco  mobile  deployments 
in  the  Southeast.  In  doing  so,  the  group 
ran  into  a  number  of  problems  and 
discovered  there  is  no  silver  bullet  for 
solving  them. 

“As  we  pushed  the  wireless  LAN  enve¬ 
lope  in  various  areas,  we  found  there’s 
never  one  company  that  can  deliver 
everything  you  want,”  says  Tim  Stett- 
heimer.CIO  for  the  138-bed  hospital,  part 
of  the  Ascension  Health  System,  which 
has  55  hospitals  nationwide.  “Cisco  has 


■  BY  PHIL  HOCHMUTH 

SANTA  CLARA  —  Intel  this  week  is 
releasing  network  interface  card  products 
aimed  at  helping  servers  and  client  PCs 
handle  torrents  of  Ethernet  traffic  on  cor¬ 
porate  LANs. 

New  Gigabit  and  10G  Ethernet  adapters 
could  help  corporate  customers  take  ad¬ 
vantage  of  high-speed  LAN  connections 
and  newer,  powerful  server  processor  tech¬ 
nology  applications  to  run  faster  between 
clients  and  servers. 

Intel  is  releasing  its  10G  Ethernet  PCI-X 
server  adapter,  which  can  be  used  to  con¬ 
nect  a  PCI-X-based  server  with  links  as  fast 
as  10G  bit/sec.  It  also  is  announcing  a  four- 
port  Gigabit  Ethernet  NIC  for  servers,  and 
new  Gigabit  Ethernet  chips  aimed  at  mak¬ 
ing  blade  servers  run  faster.  It  also  will  have 
products  aimed  at  letting  PCI-based  desk¬ 
tops  fully  utilize  Gigabit  Ethernet. 

Intel’s  Pro/ 1000  MT  Quad  Pbrt  server 
adapter  packs  four  copper-based  1000 
Base-T  ports  into  one  PCI-X  network  card. 
The  NIC  is  aimed  at  connecting  a  server  to 


some  great  tools,  and  they’re  always 
improving.  But  we  wanted  to  fill  the  gaps 
in  managing  our  access  points.” 

Those  gaps  included  monitoring 
access-point  radio  signals,  detecting 
intruders,  setting  up  group-based  au¬ 
thentication  and  configuration  poli¬ 
cies,  tying  into  the  hospital’s  Remote 
Authentication  Dial-In  User  Service 
(RADIUS)  servers,  and  optimizing 
wireless  bandwidth  use. 

The  11M  bit/sec  802.11b  wireless 
LAN,  based  on  Cisco’s  Aironet  350 
802.11b  access  points,  covers  all  five 
buildings.  Wireless  support  is  seen  as 
an  essential  step  in  letting  doctors  and 
nurses  access  the  most  current  data 
anywhere  at  anytime. 

“You’re  too  limited  in  a  wired  net  to 
meet  that  goal,”  Stettheimer  says.  “No 
matter  how  many  computers  you  have 
on  desks,  they  don’t  give  the  ability  for 


segments  of  a  network  that  are  physically 
separated.  It  can  provide  a  server  with 
simultaneous  links  to  a  LAN  and  network- 
attached  storage  systems.  The  card  can  be 
configured  as  a  virtual  4G  bit/sec  connect¬ 
ing  when  connected  to  four  lOOOBase-T 
ports  on  a  single  switch  that  supports  the 
IEEE  802.3ad  link  aggregation  standard. 

Intel’s  Pro/1000  CT  Desktop  Connection 
chip  will  work  with  the  company’s  Spring- 
dale  and  Canterwood  motherboard  chip- 
sets  for  desktops,  which  are  due  to  be  re¬ 
leased  this  quarter.  The  Pro/1000  CT 
Ethernet  controller  will  tap  into  the  mem¬ 
ory  controller  architecture  of  its  two  new 
chipsets,  letting  a  PC  utilize  full-duplex 
Gigabit  Ethernet  connections.  This  archi¬ 
tecture  bypasses  the  32-PCI  bus  of  a  desk¬ 
top  machine,  which  in  the  past  had  limited 
Gigabit  Ethernet  desktop  connections  to 
about  500M  bit/sec,  Intel  says. 

Intel  held  just  less  than  half  of  the  Gigabit 
NIC  market  when  the  products  emerged  in 
2000,  but  the  company  commanded  62% 
of  the  market  for  lOOOBase-T  NICs  in  the 
second  quarter  of  2002.  Its  closest  rival  was 


a  physician  or  nurse  to  access  medica¬ 
tion  histories,  medical  images  and 
assessment  data  anywhere,  and  that  is 
critical.” 

Multiple  wireless  options 

Users  with  laptops,  tablet  PCs  and 
some  PDAs  connect  wirelessly  to  the 
net  (see  graphic,  page  18),  and  run 
Citrix  Systems’  MetaFrame  client/ser¬ 
ver  software  to  access  server-based 
clinical  and  administrative  applica¬ 
tions  and  databases.  MetaFrame’s 
Intelligent  Console  Architecture  proto¬ 
col  is  designed  to  efficiently  send 
instructions  to  the  Windows  graphics 
subsystem  on  the  client  device,  which 
then  displays  only  the  application 
screen.  This  system,  developed  for  the 
wired  net,  easily  was  extended  to  wire¬ 
less  laptops  and  tablets,  so  users  had 
See  St.  Vincent's,  page  18 


Intel's  Pro/1000  MT  Quad  Port  server 
adapter  supports  four  lOOOBase-T  ports. 


3Com,  with  17%  of  the  373,000  products 
shipped. 

Intel  also  has  become  the  top  supplier  of 
integrated  NIC  products,  surprising  the  sili¬ 
con  vendor  Broadcom  as  the  top  supplier 
of  components  that  integrate  NIC  function¬ 
ality  into  PC  and  server  motherboards,  or 
LAN-on-motherboard  products. 

Intel’s  Pro/lOGbE  LR  Server  Adapter  will 
be  available  in  March  for  $8,000,  and  the 
Intel  Pro/ 1000  MT  Quad  Port  Server 
Adapter  is  available  for  $575. The  Pro/1000 
CT  Desktop  Connection  chip  is  available 
to  PC  manufacturers.  ■ 


Intel  unleashes  high-speed  NICs 


Infrastructure 


. . 

10  NftworkWorid 

3/17/03 

TOLLY  ON 
TECHNOLOGY 

Kevin 

Tolly 


Jan.  25, 2003,  isn’t  a  day  that  will  live  in 
infamy  for  most  of  the  world,  but  it 
should  be  a  day  that  sticks  in  the 
minds  of  network  architects  who  design 
and  manage  enterprise-class  networks. 

That’s  the  day  the  MS-SQL  Slammer 
virus  struck  hard  at  5:30  GMT,  pushing 
latency  across  the  Internet  to  20%  — 
more  than  20  times  its  normal  level. 
Slammer  blasted  through  an  estimated 
half-million  vulnerable  servers  by  week’s 
end,  according  to  one  Network  World 
news  account,  wreaking  havoc  inside 
corporate  intranets,  disrupting  e-com- 
merce  and  even  causing  a  global  Inter¬ 
net  slowdown. 

Now  more  than  two  months  after  the 
debacle,  network  architects  are  faced 
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Internet  security  may  rest  with  intrusion  prevention 


with  what  to  do  about  malicious  attacks 
such  as  the  one  SQL  Slammer  created. 
Intrusion-detection  systems  that  acted 
like  the  front  line  of  defense  might  have 
yielded  some  initial  warning  of  the 
attacks,  but  companies  were  forced  to 
rely  upon  manual  efforts  with  access 
control  lists  to  control  the  spread  and 
the  effect  of  the  attack. 

Maybe  now  architects  will  give  a  long, 
hard  look  at  intrusion-prevention 
systems  (IPS).  These  rapidly  maturing 
products  act  to  identify  attack  signatures 
and  block  traffic  before  it  invades  the 
enterprise. 

While  there  have  been  some  attempts 
to  measure  the  performance  of  IPS  prod¬ 
ucts,  none  have  painted  an  especially 
accurate  picture  of  overall  performance. 
From  The  Tolly  Group’s  perspective,  any 
benchmark  of  IPS  products  has  to  con¬ 
sider  three  primary  factors:  network  per¬ 
formance,  security  accuracy  and  secur¬ 
ity  efficiency. 

Network  performance  cannot  be  con¬ 
veyed  by  a  single  reading  but  instead  is  a 


composite  of  several  measurements.  IPS 
performance  needs  to  take  into  account 
the  aggregate  throughput  that  can  pass 
through  the  devices  in  concert  with  the 
amount  of  latency  the  IPS  introduces  to 
that  content  just  passing  through. We  also 
like  to  examine  the  session  set-up  rate  of 
IPS  systems  to  ensure  they  can  nail  up 
and  tear  down  sessions  at  rates  similar  to 
LAN  switches. 

In  the  end,  users  want  a  device  that  can 
demonstrate  that  it  handles  data  in  real 
time,  delivering  the  type  of  performance 
commonly  associated  with  a  Layer2/ 
Layer  3  switch. 

Aside  from  network  performance, 
there’s  security  performance.  Here,  Tolly 
Group  engineers  typically  measure  and 
examine  the  number  of  malicious  attacks 
that  the  IPS  can  filter.  Obviously  the  more 
attacks  the  device  can  screen,  the  better, 
but  we  also  have  to  be  aware  of  the  secu¬ 
rity  effectiveness.  That  is,  any  IPS  tested 
cannot  create  false-negative  readings  or 
false  positives  that  permit  attacks  to  pass 
or  block  legitimate  traffic  from  entering  a 


corporation. 

The  Tolly  Group  will  investigate  the 
topic  of  IPS  performance  soon;  we  are 
organizing  a  muitivendor  study  on  the 
topic.  We  plan  to  blend  our  testing-based 
performance  results  into  our  studies,  and 
we  will  highlight  IPS  performance  results 
in  a  future  column. 

There’s  a  role  for  Network  World  readers, 
too.  We’re  interested  in  learning  from  you 
what  key  factors  should  be  included  in 
any  test  methodology  that  is  used  to 
benchmark  IPS  products. 

Remember,  by  banding  together  and 
putting  our  collective  knowledge  to  com¬ 
mon  use,  we  can  establish  an  effective 
testing  methodology  on  IPS  products  that 
will  give  users  the  data  they  need  to  make 
intelligent  deployment  decisions. 

Drop  me  an  e-mail  and  let  me  know 
your  thoughts  on  an  IPS  test  methodology. 

Tolly  is  president  of  The  Tolly  Group,  a 
strategic  consulting  and  independent  test¬ 
ing  company  in  Manasquan,  N.J.  He  can  be 
reached  at  ktolly@tolly.com. 
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continued  from  page  17 

full-screen,  full  keyboard  access  to  appli¬ 
cations  and  data  at  bedsides,  in  hallways 
or  in  waiting  rooms. 

Stettheimer  says  this  server-based 
approach  lets  an  array  of  client  devices 
wirelessly  work  with  massive  medical 
files,  with  no  bandwidth  problems. 

Network  managers  monitor  signal 
strength  at  individual  access  points  and 
check  for  unauthorized  or  rogue  radios 
using  Fluke  Electronics’  OptiView  net¬ 


work  analyzer. The  handheld  device  ana¬ 
lyzes  radio  waves  and  can  detect  unau¬ 
thorized  access  points  for  clients.  Data 
can  be  transferred  for  storage  and  analy¬ 
sis  to  a  companion  program  running  on 
a  Windows  PC. 

Set-up  snafus 

The  St.  Vincent  wireless  LAN  is  repre¬ 
sentative  of  what  are,  today,  large-scale 
campus  deployments.The  main  problem 
is  that  every  added  access  point  repre¬ 
sents  an  entirely  separate  node  that  has 
to  be  set  up,  configured,  updated,  moni¬ 
tored  and  managed.  “Once  you  get  to  a 
certain  size  with  wireless  nets,  the  real 


problem  is  how  to  deal  with  all  these 
access  points,”  Stettheimer  says. 

For  setting  up  user  access  privileges 
and  for  configuring  the  access  points  St. 
Vincent’s  network  managers  rely  on 
Wavelink’s  Mobile  Manager  software.This 
roles-based  tool  lets  physicians  working 
in  their  offices  have  one  set  of  access 
privileges  and  security,  while  clerks  work¬ 
ing  in  payroll  and  accounting  can  have  a 
different  set. 

“You  can  let  a  new  person  in  the  [hu¬ 
man  resources]  department  inherit  the 
access  rights  of  all  members  of  that  de¬ 
partment,”  he  says.  “You  can  group  the 
access  points  based  on  functions.  And 
then  you  can  deploy  upgrades  or 
make  changes  based  on  these  func¬ 
tional  categories.” 

Rolling  out  a  new  revision  of  Cisco's 
IOS  software  to  the  access  points  would 
be  a  lengthy  process  if  it  had  to  be  done 
at  each  location. St.Vincent’s  will  be  able 
to  roll  out  the  next  version  of 
Cisco’s  network  software,  IOS, 
to  every  access  point  using 
Wavelink’s  Mobile  Manager, 
without  having  to  load  each 
access  point  individually. 

The  Wavelink  software  can 
send  out  alerts  for  a  range  of 
wireless  LAN  problems.  The  alerts  pop 
up  on  a  new  Web  browser  window  on  a 
manager’s  screen.  Managers  can  drill 
down  for  more  details  without  having  to 
hunt  manually  for  a  failed  access  point. 

There  is  a  range  of  security  precau¬ 
tions,  which  is  a  special  concern  now 
that  strict  new  federal  privacy  and  secu¬ 
rity  requirements,  part  of  the  Health 
Insurance  Pbrtability  and  Accountability 


St.  Vincent’s  Hospital  uses  a  variety  of  network  products  to  protect 
and  control  access  to  key  resources. 


♦.  Cisco  Aironet  350 
\  access  point 
Wireless  laptops,  \  / 

PDAs,  tablets  .  ( ' 


Fluke  Electronics’  OptiView  Server  with  Wavelink’s 
wireless  network  analyzer  Mobile  Manager 


•  Detects  rogue  access 
points,  clients. 

•  Monitors  radio  channel 


Uses  Citnx  MetaFrame 
client  to  run  server- 
based  applications. 


Controls  access  to 
wired  resources. 


RADIUS 

authentication 


Hospital's  wired  LAN 


•  Runs  clinical  and  adminis¬ 
tration  applications. 

•  Shows  screen  displays  only 
on  authenticated  clients. 

•  Minimizes  application 
bandwidth  use  on  wireless 
and  wired  networks. 


•  Administers  access  points 
based  on  policies. 

•  Updates  configurations. 

» Sends  alerts  if  configura¬ 
tions  change  or  gear  fails. 


Citrix  MetaFrame 
server  farms 


Act,  are  about  to  take  effect.  Fluke’s 
OptiView  lets  the  network  staff  sweep 
regularly  for  unauthorized  wireless  LAN 
radios.  Users  authenticate  via  the  enter¬ 
prise  RADIUS  servers.  The  hospital  has  a 
policy  that  forbids  setting  up  an  access 
point  so  that  it  broadcasts  the  Service  Set 
Identifier  (SSID,  the  device’s  network 
name).  The  media  access  control 
address  of  each  authorized  access  point 
is  registered  in  a  network  database  as  a 
further  way  to  bar  outsiders  from  net¬ 
work  access. 

Hashing  out  security 

Stettheimer  has  what  he  calls  “security 
brainstorming  sessions”  with  his  network 
staff,  both  wired  and  wireless,  on  a  three- 
week  rotating  plan.  The  sessions  are 
intended  to  hash  out  what’s  being  done 
and  why,  identify  new  threats  and  new 
countermeasures,  and  keep  abreast  of 
new  security  technologies,  such  as 
fingerprinting  or  retinal  eye  scans,  for 
network  access. 

Finally  the  network  group  has  a  set  of 
contingency  plans  for  containing  a  secu¬ 
rity  breach.“We’ve  only  had  one,  and  that 
was  to  contain  a  virus,"  he  says. 

The  administration  and  security  frame¬ 
work  that’s  been  set  up  is  being  used  in 
the  next  phase  of  the  network:  giving 
patients  and  visitors  wireless  access  to 
the  Internet  via  the  same  access  points 
that  physicians  and  administrators  use. 

The  grant  of  access  will  be  made  possi¬ 
ble  by  a  pending  Cisco  software  upgrade 
that  will  let  one  access  point  support  sev¬ 
eral  virtual  LANs,  so  that  visitors  can  be 
segregated  on  one  VLAN,  while  doctors 
work  unhindered  on  another.* 
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WHERE  DOES  A 
COMPANY  THAT 
REACHES  A  MILLION 
PEOPLE  EACH 
RUSINESS  DAY 
GET  ITS  REACH? 


Scott  Bryan,  Sales  Engineering  Manager 
John  Cataldo,  Sales  Director 

Qwest  Communications 


VOICE  SOLUTIONS 


DATA  SOLUTIONS 
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CAPTIVATE  WORKS 
WITH  QWEST." 


Top-of-the-line  technology  can  get  you 
in  the  door,  but  it’s  the  people  behind  the 
technology  that  truly  make  the  difference. 


That’s  what  we  believe.  That’s  what  we 
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practice.  And  that’s  why  Captivate  Network 
looked  to  us  for  the  right  solution.  We 
listened  to  them,  anticipated  their  needs 


and  delivered  a  Private  Routed  Network  to 


bring  news  and  advertising  to  their  7000+ 
flat-panel  televisions  in  office-tower 


elevators  across  North  America.  Every  day 


magnitude.  We  are  passionate  about 
service.  And  we’ve  built  a  real  relationship 
with  Captivate.  One  that  doesn’t  simpiy 


end  with  the  sale.  That’s  what  sets  us 


apart.  That’s  the  Spirit  of  Service. 


Qwest 
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Spirit  of  Service ™ 
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INFRASTRUCTURE:  Controlling  LAN  security, 

Users  exploit  LAN  switch  security  features 


Securing  LAN  links 

These  technologies  and  protocols  are  available  in  many  access  LAN  switches  to  help  customers 
control  access  to  corporate  resources. 


Product 

Pros 

Cons 

Access 
control  lists 

Using  Layer  3  and  Layer  4  information,  switches  can  block  or  allow  network 
access  based  on  server  and  client  IP  addresses.  Lets  administrators  assign 
roles  to  users  based  on  their  access  needs. 

Can  be  hard  to  manage,  requiring  configurations 
to  be  set  across  many  network  devices. 

Virtual  LANs 

Virtual  LANs  can  be  used  to  segregate  users  into  groups,  allowing  only  users 
to  see  resources  they  need  on  the  network. 

Not  completely  secure  and  inter-VLAN  routing  can 
cause  network  congestion. 

802.1x 

An  IEEE  authentication  protocol  that  can  be  used  to  force  network  clients  to 
log  on  to  the  network  before  accessing  any  devices  or  resources. 

While  widely  adopted  on  switch  gear,  only  Microsoft 
Windows  XP  clients  support  the  protocol. 

Rate  limiting 

The  technology  lets  users  throttle  bandwidth  to  an  Ethernet  switch  port.  It  can 
be  used  to  limit  certain  types  of  traffic — such  as  peer-to-peer  traffic,  or  denial- 
of-service  attack  patterns — to  levels  that  don’t  affect  network  performance. 

Mostly  a  proprietary  technology  that’s  supported 
on  more  expensive  LAN  gear. 

9  BY  PHIL  HOCHMUTH 

W  hile  some  hurdles  exist,  deploying  intelligent 

Ethernet  gear  at  the  LAN  edge  is  becoming  popu¬ 
lar  as  users  seek  to  tap  multilayer  switching  fea¬ 
tures  to  boost  security  and  application  bandwidth  control. 

Several  barriers  have  stalled  widespread  adoption  of 
LAN  edge  security, some  users  say.  But  as  features  such  as 
access  control  lists  (ACL)  and  802. lx  become  standard 
in  many  vendors’  products, some  users  are  starting  to 
turn  them  on  as  an  added  layer  of  infrastructure  security 
Layer  2  Ethernet  is  the  king  of  LAN  access  in  most  busi¬ 
nesses  and  other  organizations,  but  vendors  of  Layer  2 
switches  are  increasing  the  intelligence  in  these  boxes 
with  features  that  let  switches  look  up  data  in  IP  address 
(Layer  3)  and  TCP/IP  layers  (Layer  4)  of  packets.  Many 
Layer  2  switches  can  manipulate  packet  flows  based  on 
this  Layer  2  to  Layer  4  data,  allowing  for  greater  quality  of 
service,  policy  networking  and  security 
Most  corporate  LAN  switch  vendors  with  wiring  closet 
products, such  as  Alcatel,  Allied  Telesyn,Avaya,3Com, 
Cisco,  Dell,  Enterasys  Networks,  Extreme  Networks, 
Foundry  Networks,  HP  and  Nortel  have  included  such 
features  in  their  stackable  and  modular  Ethernet  gear. 

The  penalty  box 

At  Baylor  University  in  Waco, Texas,  a  combination  of 
hardware  and  software  was  put  into  action  to  help  the 
school’s  small  IT  department  get  a  better  handle  on  mis¬ 
chief  going  on  among  nosy  students  with  networked  PCs. 

The  IT  staff  found  that  a  few  students  were  making 
repeated  attempts  to  hack  school  database  servers. 
Others  were  downloading  excessive  amounts  of  multi- 
media  files,  which  clogged  the  LAN  pipes  and  made  net¬ 
work  access  slow. 

To  remedy  this,  the  school  employed  Layer  3  and  Layer 
4  look-up  services  on  its  Enterasys  LAN  switches  and 
created  security  policies  that  limit  bandwidth  and  net¬ 
work  access  for  certain  mischievous  students.The  sys¬ 
tem  is  called  “the  penalty  box,”  says  Bob  Hartland,  direc¬ 
tor  of  IT,  networks  and  servers  at  Baylor. 

During  Napster’s  heyday  several  years  ago,  Hartland  says 
the  administration  let  his  staff  literally  pull  the  plug  on  stu¬ 
dents  who  were  running  illicit  programs  or  protocols 
(such  as  unauthorized  Dynamic  Host  Configuration 
Protocol  servers  used  in  file-sharing  services)  out  of  their 
dorm  rooms.  However,  this  did  not  go  over  well  with  some 
students  and  parents,  because  Baylor  markets  dorm-room 
internet  links  and  charges  $15,700  a  year  in  tuition. 

“Kids  are  going  to  do  what  they’re  going  to  do,”  on  the 
network.  Hartland  says.“Now  instead  of  disconnecting 
them  completely,  we’ll  put  them  in  the  penalty  box. 
Putting  them  there  allows  them  still  to  connect  from  their 
rooms,  but  at  restricted  subset  of  services.” 

This  is  done  with  Enterasys  Matrix  El  switches  deployed 
at  the  dorm  wiring  closets  (more  than  3,000  ports)  and 
the  company’s  User  Personalized  Network  (UPN)  and 
Fblicy  Manager  software  in  the  network  control  center. 

The  El  switches  support  Layer  3  and  Layer  4  services 
such  as  rate  limiting  and  ACLs  based  on  IP  address,  User 
Datagram  Protocol  (UDP)  port  and  media  access  con¬ 
trol  (MAC)  address. The  UPN  software  taps  into  these 
features  and  lets  the  IT  staff  create  policies  and  roles 


with  certain  limitations:  a  full-featured  role  might 
include  access  to  all  services  at  100M  bit/sec,  while  a 
limited  role  (restricted  visitors  to  the  network  or  some¬ 
one  relegated  to  the  penalty  box)  might  be  blocked 
from  the  Internet,  with  only  access  to  e-mail  and  univer¬ 
sity  intranet  services  at  a  bandwidth  rate  less  than  full 
capacity. 

The  Matrix  El  gear  with  support  for  ACLs,  rate  limiting 
and  other  features  costs  more  than  Enterasys’ standard 
Layer  2  workgroup  switches,  Hartland  says  —  about  20% 
more  per  port.  But  the  management  and  security  benefits 
pay  off. 

“One  thing  is  that  our  network  technicians  don’t  have 
go  out  to  the  dorms  anymore  at  10  p.m.to  fix  problems  or 
disconnect  ports"  Hartland  says. 

At  Webster  University  in  St.  Louis,  ACLs  also  are  used  to 
limit  student  activities  by  blocking  certain  address  groups 
from  accessing  servers  and  other  resources  that  are 
restricted  from  student  access. 

Cisco  Catalyst  3550  and  2950  switches  with  support  for 
Layer  3  ACLs,  filtering  and  802.  lx  authentication  were 
deployed  last  year  on  campus  for  securing  the  LAN.The 
intelligent  LAN  switches  have  helped  the  school  give  its 
networked  students  access  to  more  services  around  cam¬ 
pus  while  keeping  important  resources  —  such  as  servers 
for  the  bursars  of  financial  aid  offices  —  accessible  only 
to  authorized  personnel,  according  to  Benjamin  Hocken- 
hull,  network  coordinator  at  Webster. 

Standards  issues 

One  LAN  security  feature  many  users  are  still  luke¬ 
warm  on  is  802.  lx. The  IT  staffs  at  Webster  and  Baylor 
have  not  gone  forward  with  widespread  use  of  the 
authentication  standard  because  802. lx  relies  on 
Microsoft  Windows  XP  clients,  the  only  Windows  desk¬ 
top  to  support  the  technology. 

The  IEEE  802. lx  protocol  is  a  standard  for  authenticat¬ 
ing  clients  to  network  devices,  instead  of  a  LAN  directory, 
such  as  a  Microsoft  Active  Directory,  Novell  Directory 
Services  or  Lightweight  Directory  Access  Protocol  servers. 
Some  security  experts  say  this  is  a  more  effective  method 
of  securing  a  LAN  because  clients  that  fail  a  directory 


server  authentication  attempt  can  often  see  and  use  net¬ 
work  resources, such  as  printers,  unsecured  shared  stor¬ 
age  and  Internet  access. 

According  to  Scott  Day,  network  services  manager  at 
Baylor,  802.  lx  “is  something  we’ve  been  looking  at  really 
closely,  but  one  thing  we’ve  bumped  into  is  compatibili¬ 
ty”  While  some  institutions  make  their  students  stan¬ 
dardize  on  one  kind  of  laptop  or  operating  system  for 
network  connectivity,  Baylor  has  not  adopted  that  poli¬ 
cy,  Day  adds. 

“Anyone  running  Macintosh  or  Linux  would  be  left  out,” 
Day  says.“lt’s  ironic  that  so  much  network  equipment  sup¬ 
ports  802. lx,  but  so  few  clients  can  use  it.” 

Slow  adoption  in  businesses 

Layer  2  to  Layer  4  services  at  the  LAN  edge  might  be 
catching  on  in  academic  institutions,  but  some  business 
networks  are  acting  more  slowly  to  implement  the  tech¬ 
nology  Often,  budgets  and  corporate  policies  can  be  the 
limiting  factors. 

“We’re  well  aware  of  some  of  the  features  our  LAN 
switches  are  capable  of,”  says  Tony  Crognale,  network 
technician  at  Scottsdale  Insurance  in  Arizona.  But  he 
adds  that  his  staff  has  not  turned  on  features  such  as  ACLs 
and  802. lx  on  his  network  of  Extreme  BlackDiamond 
switches  because  the  firm’s  parent  company,  Nationwide 
Insurance,  has  yet  to  set  guidelines  for  how  such  technol¬ 
ogy  should  be  implemented. 

“We  aren’t  taking  a  lot  of  the  [LAN  security]  measures 
we  should  be  taking,  but  I  could  see  that  happening  in 
the  near  future,"  Crognale  says. 

He  is  particularly  interested  in  locking  down  users  by 
their  MAC  addresses  to  prevent  “vendors  or  other  visitors” 
who  come  into  Scottsdale’s  offices  from  accessing  the 
network  with  laptops.“Basically,it  would  eliminate  the 
chance  of  any  outside  computers  getting  on  our  net¬ 
work,”  he  says. 

Crognale  says  Nationwide  recently  instituted  a  com¬ 
panywide  IT  security  department,  which  he  plans  to 
work  with  to  implement  such  measures. 

“I’m  certain  we’ll  be  working  very  soon  to  put  those  fea¬ 
tures  into  place,”  he  says.B 
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EMC  makes  promises. 
Veritas  offers  visions. 

And  Softek  delivers 
“the  most  storage 
management  for 
the  IT  buck:’ 
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Storage  and  SearchStorage.com  Gold  Award 


“The  experts  believe  [Softek™] 

Storage  Manager  gives  users  the 
most  management  for  their  IT 
buck,”  said  Storage  Magazine  and 
SearchStorage.com.  That’s  why 
they  awarded  Softek  Storage 
Management  Product  of  the  Year. 

Softek  Storage  Manager  is  the 
only  true  heterogeneous  policy-based  storage  management 
solution  enabling  companies  to  simplify  and  optimize  their 
multi-vendor  storage  infrastructures.  The  results  of  using 
Softek’s  automation  solutions  are  greater  application 
availability,  more  productive  staffs  and  better-utilized  storage. 
In  fact,  Softek  guarantees  a  50%  improvement  in  storage 
utilization  or  the  software  is  free.  To  learn  more,  go  to 
www.softek.fujitsu.com. 


FUJITSU 

THE  POSSIBILITIES  ARE  INFINITE 


Simplifying  Data  Storage 


©  2003  Fujitsu  Software  Technology  Corporation.  All  rights  reserved.  All  other  products  are  property  of  their  respective  owners.  Guarantee  utilization  program  details  are  subject  to  mutually  acceptable  terms  outlined  in  the  Softek  Storage  Manager 
Licensing  Agreement.  To  learn  more,  visit  www. softek.fujitsu.com/guarantee. 
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Foundry  Networks  is  the  market  leader  in  Layer  4-7  switches 
that  enhance  the  performance  of  your  business  applications. 
That’s  because  Foundry’s  Served ron  Layer  4-7  switch  is  perhaps 
the  most  intelligent  piece  of  iron  ever  built.  It  intelligently  distributes 
traffic  across  applications,  servers,  firewalls,  caches,  and  even  across  data 
.  centers.  It  secures  your  servers  and  applications  from  malicious  attacks.  It 

monitors  server  and  application  health  to  provide  rapid  recovery  and 
minimize  or  even  eliminate  application  downtime.  It  directs  network  traffic 
based  on  application,  server  load,  URL  content, or  cookies.  Brains  like  this  make 
Serverlron  an  essential  component  of  your  network  infrastructure.  In  fact, 
purchasing  it  could  be  one  of  the  smartest  moves  you’ll  ever  make. To  find  out  more  f  ^ 

about  the  Serverlron  Product  Family,  visit  us  at  www.foundrynetworks.com/si,  or  call 
Foundry  Networks  at  1 .888.TURBOLAN  (887-2652)  and  make  the  intelligent  choice. 
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Iona  eases  mobile 
access  to  corp.  apps 


■  BY  JOHN  FONTANA 

WALTHAM,  MASS.  —  Iona  is  moving  to 
keep  mobile  users  involved  in  the  work- 
flow  of  everyday  business  with  Web  ser- 
vices-based  middleware  designed  to  let 
them  access  applications  with  or  without 
a  network  connection. 


■  Funk  Software  and  Network 
Engines  have  teamed  to  offer  a  pre- 
loaded  hardware  appliance  that 
authenticates  remote  users  connect¬ 
ing  to  corporate  WANs  and  users  on 
wireless  LANs.  The  combined  prod¬ 
uct  is  a  rack-mountable  device  that 
runs  under  the  Windows  2000 
Professional  operating  system.  The 
866-MHz  1  U-high  device,  called  Steel- 
Belted  Radius  Appliance,  costs 
$7,500.  www.funksoftware.com 

■  Smarts  last  week  released  a  soft¬ 
ware  tool  to  help  customers  monitor 
and  maintain  security  devices  across 
their  infrastructure.  InCharge  for 
Security  Infrastructure 
Management  is  a  software  add-on 
to  Smarts’  flagship  InCharge  soft¬ 
ware.  InCharge  Security  Infra¬ 
structure  Management  monitors  the 
status,  availability  and  changes  of 
security  devices  in  enterprise  net¬ 
works.  The  first  release  of  the  prod¬ 
uct  can  monitor  security  devices 
from  companies  such  as  Cisco, 
Check  Point  and  Nokia.  The  product 
conducts  firewall  performance  moni¬ 
toring  to  determine  the  health  of 
components  such  as  processors, 
memory,  disks,  file  systems,  applica¬ 
tions  and  interfaces.  Security 
Infrastructure  Management  software 
also  can  work  with  pure  security 
tools  or  products  from  security  man¬ 
agement  vendors  such  as 
e-Security,  Intellitactics  and 
netForensics.  It  is  priced  from 
$40,000  to  $60,000.  www.smarts.com 


The  company  next  week  will  ship  its 
Mobile  Orchestrator,  the  first  in  a  series  of 
tools  for  organizing  Web  services  applica¬ 
tions  and  business  processes,  and  tying 
them  together  into  a  coherent  workflow. 
The  Mobile  Orchestrator  is  a  message- 
driven,  Web  services-based  process  inte¬ 
gration  broker  designed  for  use  with 
mobile  applications  where  users  don’t 
always  have  a  network  connection. 

The  software  would  let  companies  give 
mobile  workers  offline  access  to  applica¬ 
tions,  workflows  and  corporate  resources. 
The  user  then  would  synchronize  his 
work  with  the  application  on  the  server 
once  he  reconnects  to  the  network. 

The  software  also  can  use  Web  services 
to  tie  together  different  applications 
involved  in  a  workflow  process,  such  as 
completing  a  transaction  from  order  entry 
to  fulfillment. 

“Building  mobile  applications  today  is 
hard  because  the  technology  is  primitive 
and  the  development  work  very  manual,” 
says  Ted  Schadler,  principal  analyst  for 
Forrester  Research.  “Today  you  can  basi¬ 
cally  do  e-mail  and  some  data  down¬ 
loads,  but  building  applications  that  work 
online  and  offline  is  hard.” 

Schadler  says  Iona  understands  the 
complexities  of  message-driven  integra¬ 
tion  from  its  experience  with  Common 
Object  Request  Broker  Architecture.  But 
he  says  the  company  will  be  challenged 
because  Mobile  Orchestrator  works  only 
with  Java  applications  and  not  those 
from  Microsoft,  and  with  having  to  sell 
the  product  through  independent  soft¬ 
ware  developers  for  all  but  the  largest 
companies. 

For  Iona,  Mobile  Orchestrator  is  the  first 
in  a  line  of  tools  for  integrating  business 
processes  that  Iona  plans  to  develop  for 
its  Rapid  Integration  product  line. 

The  company  competes  with  similar 
products  from  Kenamea  and  KnowNow. 

The  software  includes  a  Java-based 
server  and  client  software  integrated  with 
applications  that  run  on  mobile  devices. 

Companies  interested  in  the  client/serv¬ 
er  package  will  need  to  use  Iona’s  Orches¬ 
trator  Studio  to  build  mobile  process 
orchestration  support  into  existing  or  new 
applications. 

Iona  also  is  teaming  with  Intel  to  sup¬ 
port  its  Centrino  wireless  chip,  which  will 

See  Iona,  page  24 
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Web  revamp  enhances 
dental  services 


Web  dentists 

DentaQuest  Ventures  built  a 
secure  Web  infrastructure  to 
give  doctors  and  patients  access 
to  insurance  information. 


BY  ANN  BEDNARZ 
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Delta  Dental 
headquarters 
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Patient  logs  on  to 
insurance  provider’s 
secure  Web  site  to 
make  queries. 
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OpenNetwork 
DirectorySmart 
software,  running  on 
top  of  Sun  One 
Directory  Server, 
validates  user  and 
sends  queries  to 
Oracle  database, 
which  stores  patient 
information. 


Oracle  system 
submits  queries 
through  IBM 
MQSeries  interface 
to  mainframe 
system,  which 
returns  requested 
data  to  user  via 
MQSeries,  Oracle 
and  Directory- 
Smart  systems. 


elta  Dental  Plan  of  Massachu¬ 
setts  decided  to  overhaul  its 
Web  site  for  two  reasons:  to 
reduce  call  center  volumes  and 
improve  customer  service. 

Agents  at  Delta  Dental  Plan  of 
Massachusetts  handle  roughly 
A  4,000  phone  calls  each  day  from 
dentists’  offices,  benefits  adminis¬ 
trators  and  patients,  looking  to 
find  out  the  status  of  an  insurance 
claim  or  see  if  a  patient  is  eligible 
for  certain  dental  procedures.  So 
the  Boston  provider  of  group  den¬ 
tal  benefits  decided  to  add  self- 
service  tools  to  its  Web  site  to 
divert  some  of  these  queries 
online. The  tricky  part  was  provid¬ 
ing  access  to  data  stored  in  back¬ 
end  systems  securely  and  without 
compromising  patient  privacy 
DentaQuest  Ventures  —  a  sub¬ 
sidiary  of  Dental  Service  of 
Massachusetts  that  handles  bene¬ 
fits  administration  and  IT  support 
for  Delta  Dental  —  invested  in 
identity-  and  access-management 
software  from  OpenNetwork  Tech¬ 
nologies.  The  software  maker’s 
DirectorySmart  suite  provides 
tools  for  defining  and  managing 
role-based  security  policies.  With 
it,  DentaQuest  can  set  up  user  pro¬ 
files  to  give  them  protected  Web 
access,  and  then  audit  and  report 
on  Web  activities. 

To  register,  users  provide  person¬ 
al  information  such  as  a  tax  identifi¬ 
cation  number,  dental  license  number  or  Social  Security  number.  So  far,  among 
5,000  Delta  Dental  participating  dentists  in  Massachusetts,  about  1,400  have  regis¬ 
tered  to  use  the  Web  site. 

These  customers  —  dentists’  offices,  accounts  benefits  administrators  at  compa¬ 
nies  insured  by  Delta  Dental  Plan  of  Massachusetts,  and  insured  individuals  —  can 
now  get  access  to  patient  and  plan  information  over  the  Web.  At  the  same  time, 
DentaQuest  maintains  the  requisite  security  to  comply  with  privacy  and  authenti¬ 
cation  regulations  mandated  under  the  Health  Insurance  Portability  and 
Accountability  Act. 

The  new  site,  launched  last  spring,  is  a  far  cry  from  the  provider’s  original  cus- 

See  Dental,  page  24 
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From  the  beginning,  the  end  was  the 
important  thing.  A  seminal  paper  in 
the  history  of  the  Internet  is  “End  to 
End  Arguments  in  System  Design”  by 
Jerome  Saltzer,  David  Reed  and  David 
Clark.  This  paper  laid  out  the  basic  idea 
that  the  Internet  should  support  applica¬ 
tions  running  over  it  by  not  caring  what 
applications  are,  in  fact,  running  over  it. 
This  idea  created  the  incredible  diversity 
of  services  and  applications  reachable 
through  the  ’Net.  It  also  is  this  idea  that, 
more  than  20  years  after  it  was  first  pub¬ 


In  the  end,  it's  the  end  that  counts 


lished,  still  scares  the  bejesus  out  of  gov¬ 
ernments,  carriers  and  some  standards 
organizations. 

The  paper  (www.nwfusion.com,  Doc- 
Finder:  4727),  often  referred  to  as  the“e2e 
argument,”  is  more  than  a  factoid  of  histo¬ 
ry  It,  along  with  David  Isenberg’sThe  Rise 
of  the  Stupid  Network” (DocFinder:  4728), 
describes  the  key  Internet  feature  that 
must  be  preserved  for  the  ’Net  to  continue 
to  live  up  to  its  potential.  That  feature  is 
that  the  Internet  does  not  get  in  the  way 
when  a  device  at  one  “end”  of  the  ’Net 
wants  to  talk  to  a  device  at  another“end.” 

In  too  many  places  the  installation  of 
network  address  translators  (NAT)  and 
firewalls  have  badly  distorted  this  feature. 
In  an  ideal  e2e  world,  users  who  wanted 
to  create  a  new  application  or  service 
would  not  have  to  get  permission  from 
the  network  managers  between  their 


machine  and  the  machines  of  people 
who  wanted  to  use  their  services.  But  it  is 
not  an  ideal  world.  People  put  in  NATs  to 
deal  with  real  or  imagined  difficulties  in 
getting  address  space  and  put  in  firewalls 
in  a  Band-Aid  approach  to  security 
(DocFinder:  4729). 

Open  networks  scare  a  lot  of  people,  not 
the  least  of  whom  are  the  carriers  and 
governments.  Carriers,  because  they  think 
they  need  to  control  what  their  customers 
can  get  to  so  that  the  carriers  can  charge 
extra  for  “special”  services.  Governments, 
because  they  want  to  protect  the  poor 
users  by  controlling  what  they  can  do  and 
see  on  the  'Net  and  because  governments 
want  to  watch,  just  in  case  the  users  do 
something  naughty 

Some  people  are  trying  to  at  least  get  the 
carriers  to  provide  an  Internet  service  that 
includes  all  of  the  Internet  and  not  just  a 


WWW. 


nwfusion.com 


controlled  corner  (DocFinder:  4730). 

One  thing  that  had  been  lacking  was  a 
good,  clear,  well-thought-out  online 
resource  where  people  could  learn  about 
the  importance  of  the  e2e  argument  and 
what  will  happen  if  the  e2e  Internet  is  lost. 
There  is  now  such  a  site  that  I  recom¬ 
mend.  It  is  called  “World  of  Ends” 
(http://worldofends.com).  Please  do  not 
just  take  a  look  —  take  the  time  to  read  it, 
and  you  will  see  what  the  importance  is  of 
an  end  in  the  Internet  world  and  what  is  at 
risk  if  the  ends  get  captured. 

Disclaimer:  Some  of  Harvard’s  schools 
understand  clarity  some  teach  how  not  to 
be  clear.  But  none  cooperated  in  this 
opinion. 

Bradner  is  a  consultant  with  Howard 
University's  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 


WebSense  takes  aim  at  rogue  applications 

Desktop  client  can  block  instant-messaging,  file-sharing  services. 


■  BY  JASON  MESERVE 

SAN  DIEGO  —  WebSense  is  moving 
beyond  its  traditional  roots  of  blocking 
employee  access  to  nonbusiness-related 
Web  sites  to  helping  customers  curb 
access  to  nonbusiness  applications  such 
as  instant  messaging  and  peer-to-peer  file 
sharing. 

WebSense  Enterprise  Version  5  adds  a 
network  sniffer  that  can  analyze,  block  or 
limit  the  amount  of  bandwidth  that 
instant-messaging  clients,  streaming 
media  and  other  protocols  use. 

A  desktop  client  inventories  systems 
applications  and  can  block  the  use  of 
applications  such  as  Kazaa  or  known 
hacking  tools.  Previous  versions  of 
WebSense’s  employee  Internet  manage¬ 
ment  tool  integrated  with  the  corporate 
firewall  and  only  blocked  a  selectable  list 
of  sites  including  pornography,  hate 
groups  and  other  nonbusiness-related 
addresses. 

“In  the  first  six  hours  of  analyzing  the  data 
going  through  our  pipes,  we  found  2  to  3 
gigabytes  were  being  used  by  streaming 
audio  applications,"  says  Ryan  Macdonald, 
software  developer  with  the  Indian  Health 


Iona 

continued  from  page  23 

work  with  the  Orchestrator  server. 

Iona  is  using  a  store/forward  messag¬ 
ing  model  to  facilitate  the  synchroniza¬ 
tion  of  data.  Orchestrator  Web  services 
interface  uses  Simple  Object  Access 
Protocol  messages  and  FTP  for  trans¬ 
porting  those  messages. 

“FTP  is  ubiquitous,  very  reliable  and 
great  for  transferring  files, "says  Pat  O’Brien, 
vice  president  of  corporate  strategy  for 


Services’  Billings,  Mont.,  office,  which  has 
two  T-ls  to  support  750  concurrent  users 
and  has  been  using  a  beta  copy  of  Version 
5  for  a  few  months.“Blocking  that  traffic  has 
freed  up  our  pipe  a  lot.” 

Using  systems  such  as  WebSense 
Enterprise  and  competing  products  such 
as  Sitekeeper  Systems  Management 
Software  also  can  be  used  to  help  limit 
employers’  legal  liability  by  blocking 
access  to  objectionable  material  and 
keep  illegally  obtained  copyright  material 
from  being  downloaded  and  stored  on 
company  computers.  It  also  can  improve 
security  by  limiting  notoriously  porous 
applications  such  as  AOL  Instant 
Messenger  and  Kazaa. 

“A  big  [security  risk]  is  file-sharing 
applications  that  promote  viruses  and 
allow  them  to  enter  the  network  easily 
Macdonald  says. 

WebSense’s  restrictive  policies  can  be 
implemented  on  a  group  or  individual 
level. The  company  constantly  updates  the 
database  of  protocols,  Web  sites  and  appli¬ 
cations  that  could  be  considered  nonwork- 
related  and  pushes  those  changes  down  to 
customers  automatically. Company  officials 
choose  how  the  policies  are  implemented, 


Iona.  O’Brien  says  that  while  Orchestrator 
is  based  on  Web  services  standards,  Iona 
still  uses  a  proprietary  process  modeling 
language.  But  the  company  is  keeping  an 
eye  on  the  emerging  Business  Process 
Execution  Language  for  Web  Services,  a 
modeling  language  IBM  and  Microsoft  are 
developing. 

Orchestrator  server  software  will  cost 
$18,000  per  processor. The  client  software 
will  be  priced  starting  at  $130  per  person 
for  250  people.  The  development  and 
design  tool  will  cost  $1,500  per  license.  ■ 


says  Andrew  Meyer,  vice  president  of  mar¬ 
keting  at  WebSense. 

While  WebSense’s  client  application  can 
inventory  all  applications  on  a  PC,  it  can¬ 
not  search  for  potential  copyright- 
infringed  MP3s  that  might  be  stored 
because  there  is  no  means  of  determining 
if  the  content  is  legally  copied  or  not. 

On  the  server  side,  WebSense  Enterprise 
runs  on  Windows  NT,  2000, Sun  Solaris  and 
Linux.The  Web  site  blocking  module  inte¬ 
grates  with  most  major  firewalls.The  client 
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tomer  Web  site,  which  provided  only 
general  information  such  as  a  directory 
of  dentists,  says  Eleanor  McConnell, 
customer  service  manager  at  Denta- 
Quest.  “People  couldn’t  get  specific 
information  on  eligibility,  claims  status 
or  benefits  through  the  old  site,"  she 
says. 

OpenNetwork’s  DirectorySmart  soft¬ 
ware  runs  in  conjunction  with  Sun 
One  Directory  Server,  which  stores 
user  information.  The  Web  applica¬ 
tion  communicates  with  an  Oracle 
database,  which  contains  some 
patient  information,  and  with  Denta- 
Quest’s  primary  claims  processing 
system,  which  runs  on  an  IBM  OS/390 
mainframe. 

DentaQuest  uses  IBM’s  MQSeries  mid¬ 
dleware  to  handle  the  exchange  and 
formatting  of  information  between  the 


management  piece  supports  Windows  98 
and  greater.  Pricing  for  WebSense 
Enterprise  Version  5  with  “all  the  bells  and 
whistles”  averages  about  $20,000  per  year 
for  500  concurrent  users,  Meyer  says. 

WebSense:  www.websense.com 

Web 
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mainframe  and  Web  systems,  says  Ron 
Cedrone,  IT  project  manager  at  Denta¬ 
Quest. 

Down  the  road,  DentaQuest  might 
migrate  to  Microsoft’s  Active  Directory 
software  in  lieu  of  Sun’s  directory  soft¬ 
ware,  Cedrone  says.  DentaQuest’s  cur¬ 
rent  Sun  license  covers  up  to  100,000 
users  before  requiring  DentaQuest  to 
purchase  licenses  individually. 
Migrating  to  Active  Directory  could 
save  money  as  DentaQuest  grows, 
Cedrone  says. 

Over  the  long  term,  DentaQuest  says  it 
would  like  to  reduce  call  center  vol¬ 
umes  with  its  new  Web  infrastructure. 
Up  and  running  since  last  spring,  the 
new  Web  site  hasn’t  caused  call  vol¬ 
umes  to  plummet,  but  DentaQuest 
expects  to  see  volumes  gradually 
decline  as  more  users  migrate  online. 

“Were  patient,”  says  Michael 
Duhamel,  DentaQuest  application  ser¬ 
vices  manager.  The  company’s  primary 
goal  was  to  improve  customer  service, 
he  says.  If  operational  savings  follow, 
that’s  even  better.  ■ 


FREE  White  paper! 

Avoiding  Costs  from  Oversizing 
Data  Center  Infrastructure 

Just  mail  or  fax  this  completed 
coupon  or  contact  APC  for  your 
FREE  white  paper  -  Avoiding 
Costs  from  Oversizing  Data 
Center  Infrastructure  Better 
yet,  order  it  today  at  the  APC 
Web  site! 
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What  type  of  availability  solution  do  you  need? 
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you  really  as 
we  think  you 


As  racks  become  increasingly  popu¬ 
lated  with  thinner,  deeper  servers, 
high  power  densities  in  your  server 
room  or  data  center  can  create 
havoc,  from  early  equipment  failures 
to  expensive,  forget-about-your-job- 
security  downtime. 

Introducing  InfraStruXure™  architec¬ 
ture,  the  industry's  only  patent-pend¬ 
ing,  network-critical  physical  infra¬ 
structure.  InfraStruXure™  lets  you 
target  power  and  cooling  precisely 
where  your  mission-critical  applica¬ 
tions  live — the  rack  enclosure. 

And  because  InfraStruXure  architec¬ 
ture  uses  a  modular,  manageable,  pre¬ 
engineered  approach,  you  can  select 
standardized  components  to  create 
your  own  customized  solutions. 

Which  means  you  can  target  avail¬ 
ability,  pay  as  you  grow,  adapt  to 
change,  and  maximize  efficiency 
while  minimizing  installation,  operat¬ 
ing,  service,  and  maintenance  costs. 


On-demand  scalable,  manageable, 
pre-engineered  solutions 


[hot  air]- 


InfraStruMure 


JC 


High  power  densities  can  create  hot 
spots,  which  cause  equipment  failures 
and  expensive  downtime. 


[cold  air] 

InfraStruXure's  advanced  cooling 
components  help  remove  heat  from 
your  servers  and  target  air  circulation 
where  it  is  most  needed. 


Air  components  designed  for 
InfraStruXure ™  are  manageable  via 
network  technology,  and  feature  a 
modern,  reliable  design  with  fewer 
moving  parts. 


"Our  Video  on  Demand  (VOD) 
servers  are  air  cooled  from  front 
to  back.  The  APC  racks  that 
house  the  InfraStruXure  are  also 
designed  to  cool  from  front  to 
back.  So  the  same  racks  can 
effectively  house  our  power  sys¬ 
tem  and  our  servers. " 

Vince  Pombo 
Vice  President  of  Engineering 
Rich  Flanders 
Director  of  Engineering 
Time  Warner  Cable 

"If  I  had  purchased  the  incum¬ 
bent  vendor's  3-phase  upgrade 
model,  I  would  have  paid  75% 
more  in  service  costs  over  the 
next  four  years  and  I  would 
have  had  to  utilize  50%  more  of 
my  precious  floor  space." 

Captain  Timothy  Riley 
Support  Services  Division 

City  of  Newport  Beach  Police  Department 


POWER  RACK  AIR 


In  times  like  these,  it  pays  to  think 
smart.  For  more  information  on 
InfraStruXure's  open,  adaptable, 
integrated  approach  to  network- 
critical  physical  infrastructure,  visit 
us  online  today  at  www.apc.com. 


Winner  of  the  Windows  and  .Net  Magazine  "2002 
Reader's  Choice  Award  for  Best  High  Availability 
Solution "  and  the  GCN  " Best  New  Technology 
Award"  at  FOSE,  March  2002.  (Awarded  to 
PowerStruXure",  which  is  now  included  under  the 
InfraStruXure “  brand.) 


AFTER 


InfraStruXure™  lets  you  build  out  capacity 
only  as  it's  required.  Save  up  to  50% 
CapEx  and  20%  OpEx*,  and  reclaim  an 
average  of  20%  usable  space. 
InfraStruXure  AIR  delivers  cooling 
directly  where  it  is  needed,  eliminating 
dangerous  hot  spots. 


CD 

Q_ 


BEFORE 


Equipment  Racks 


Batteries 


UPSs 


Traditional  data  centers  are  built  out 
for  future  capacity  and  require  a 
large  amount  of  floor  space  that 
could  be  otherwise  utilized.  High 
power  density  racks  create  danger¬ 
ous  hot  spots. 


For  a  closer  look  at  InfraStruXure  " ,  attend  a  FREE  APC  Executive  Breakfast 
Seminar  in  your  area.  For  more  information  visit:  httpy/pmmo.apc.com 
and  enter  key  code  below. 


Every  product  carrying  this  mark  has 
been  tested  and  certified  for  use  with 
InfraStruXure™  architecture.  Before 
you  buy,  check  for  the  X  to  guarantee 
product  compatibility. 


Legendary  Reliability 


*  Representative  savings  based  on  projected  power  infrastructure  build-out  costs  and  estimated  service  cost  per  unit.  Actual  savings  may  vary. 
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Meet  Rachel.  Crisis  Coordinator. 


Communications  Queen. 


11  odds. 

itinue  to  rise.  Winds  are  relentless.  Even  a  year  aqo 
supplies  under  such  conditions  would 
h  network  capabilities 

.-  .  V--"  . 5  ‘  V  thaPadaftto^.^ia,  employees  iike  Rachel  can  coordinate 

'  multiple  teams  in  scattered  locations.  And  stay  in  constant 

r  •:  '■  - '  .  ’■ v" 

contact  as  weather  patterns  quickly  shift  drop  coordinates.  At 
Nortel  Networks,  we  call  this  "the  engaged  business  model" 
And  we  make  it  happen  by  allowing  businesses  to  engage  their 
employees  with  ways  to  work  more  productively  as  teams. 
Eliminating  boundaries  by  anticipating  user  needs.  Delivering 
critical,  time-sensitive  information  on  whatever  device  they  can 
access.  Encrypted  for  security,  info  gets  to  where  it  needs  to  go 
and  nowhere  else.  End  of  story:  Rachel  and  her  team  save  time 
and  money  as  they  race  to  help  people  in  need.  All  delivered 
by  our  enterprise  vision.  One  network.  A  world  of  choice. 
norte1networks.com/onenetwork 
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Private  lines  still  thriving,  study  says 

Local  services  will  grow,  while  long-distance  services  will  decline. 


■  BY  MICHAEL  MARTIN 

Private-line  revenue  will  continue  to  grow 
steadily  through  2008,  despite  competition 
from  Internet  services,  according  to  a 
recent  report  from  Insight  Research. 


■  Digex  is  expanding  its  roster  of 
services  with  managed  messaging. 
The  managed  hosting  provider  will 
offer  messaging  and  collaboration 
features  on  the  Microsoft  Exchange 
2000  platform  beginning  in  the  sec¬ 
ond  quarter.  Enterprise  customers 
will  have  access  to  services  including 
e-mail,  shared  calendaring  and  con¬ 
tact  management.  Digex  executives 
say  the  hosted  Exchange  service  will 
include  a  service-level  agreement  in 
shared  and  dedicated  environments. 
Digex  is  partnering  with  Apptix,  for¬ 
merly  application  service  provider 
Telecomputing,  to  provide  the  ser¬ 
vices.  Digex  is  using  Apptix's  auto¬ 
mated  provisioning  platform,  hosted 
in  Digex  data  centers. 

■  Internap  Network  Services  and 
NEC  Business  Network  Solutions 

inked  a  deal  last  week  that  will  let 
NEC  resell  Internap's  services.  NEC 
BNS,  a  muitiservice  system  integra¬ 
tor,  will  offer  its  customers  Inter-nap's 
collocation  and  intelligent  routing  IP 
services.  The  companies  also  plan  to 
develop  and  market  new  IP-based 
VPN  and  voice-over-IP  services  for 
business  users. 

■  Masergy  Communications  raised 
$31  million  in  its  second  round  of 
funding  earlier  this  month  from 
Meritage  Private  Equity  Funds  and 
Centennial  Ventures.  The  service 
provider,  which  offers  managed  IP, 
video,  VoIP  and  VPN  services,  says 
that  its  business  plan  is  now  fully 
funded.  The  company  has  drummed 
up  a  total  of  $100  million  in  funding 
since  it  was  founded  in  2000. 


“Since  the  mid-1990s,  people  have  been 
saying  private  lines  would  disappear 
because  of  the  Internet,” says  Robert  Rosen¬ 
berg,  president  of  Insight.“Instead,the  Inter¬ 
net  has  been  a  spur  to  private-line  sales.” 

The  Internet  is  increasing  private-line 
use  because  companies  need  to  connect 
to  local  Internet  hubs.  In  the  past,  compa¬ 
nies  would  connect  far-flung  branch 
offices  with  long-distance  private  lines, 
Rosenberg  says. 

That  model  is  disappearing  though. 
Instead,  Rosenberg  says,  many  companies 
now  use  local  private  lines  to  connect 
multiple  offices  in  one  area  to  a  nearby 
Internet  hub.  Once  traffic  hits  the  hub,  IP 
VPNs  are  used  to  communicate  with 
other  company  offices  around  the  coun¬ 
try  or  the  globe. 

While  private-line  revenue  will  grow  at  a 
rate  of  7.7%  between  2003  and  2008,  most 
of  that  growth  will  be  in  local  private-line 
sales,  according  to  the  study. 

Local  wholesale  lines  sold  to  other  car¬ 
riers  and  ISPs  will  show  double-digit 
growth;  local  retail  lines,  which  carriers 


An  oldie,  but  a  goodie 

Despite  the  rise  of  newer 
technologies,  private-line 
revenue  will  climb  steadily 
over  the  next  few  years. 


Total  market  (in  billions) 


2003  2004  2005  2006  2007  2008 


SOURCE:  INSIGHT  RESEARCH 

sell  to  companies,  and  long-distance 
wholesale  lines  will  show  single-digit 
growth;  and  long-distance  retail  lines  will 
decline,  the  report  says. 

One  factor  driving  the  growth  of  whole¬ 
sale  local  private  lines  is  increasing 
broadband  usage,  Rosenberg  says.  Broad¬ 


band  traffic  is  becoming  more  image-ori¬ 
ented.  And  because  images  consume  a 
great  deal  of  bandwidth,  ISPs  will  have  to 
buy  more  private-line  bandwidth  to  han¬ 
dle  the  image-oriented  traffic  the  ISPs’  cus¬ 
tomers  demand. 

Despite  the  steady  increase  in  demand 
for  private-line  bandwidth,  Rosenberg 
doesn’t  expect  prices  to  increase.  Private¬ 
line  pricing  has  decreased  consistently 
over  the  past  three  years.  The  demise  of 
many  competitive  local  exchange  carriers 
and  the  financial  instability  of  some  estab¬ 
lished  providers  has  led  to  speculation  that 
bandwidth  pricing  in  general  would  begin 
to  stabilize  or  perhaps  even  increase. 

“If  you  look  into  the  future  I  think  you’re 
going  to  see  that  you  can  get  more  capac¬ 
ity  for  the  same  price  you’re  paying  today” 
he  says. 

The  carriers  that  will  benefit  most  from 
the  rising  sales  of  local  private-line  services 
will  be  those  that  own  metropolitan-area 
networks,  in  particular  the  regional  Bell 
operating  companies,  Rosenberg  says. 

Insight  Research:  www.insight-corp.com 


Sprint  expands  its  MAN  rollout 


■  BY  DENISE  PAPPALARDO 

Sprint  says  it  is  rolling  out  metropolitan- 
area  networks  in  13  more  markets,  a  move 
that  is  expected  to  lead  to  cost  savings  for 
the  carrier  and  perhaps  customers. 

Sprint  has  MANs  deployed  in  17  markets 
and  says  it  will  have  local  fiber  networks 
deployed  in  30  markets  by  mid-2004.  But 
the  carrier  is  still  far  behind  competitors, 
which  have  almost  national  local  network 
coverage. 

The  carrier  is  using  its  local  networks  to 
connect  its  central  office  switch  sites  in 
each  metropolitan  area,  which  will  elimi¬ 
nate  local  mileage  charges  for  many  cus¬ 
tomers.  Sprint  also  is  using  its  networks  to 
connect  its  Sprint  PCS  switches  to  its  land¬ 
line  network. 

Although  Sprint  doesn’t  offer  business 
users  local  fiber  services  at  this  time,  cost 
savings  will  be  passed  on  to  users, says  Jim 
Patterson,  vice  president  for  access  at 
Sprint. Sprint  says  its  metropolitan  facilities 
will  reduce  expenses  greatly  by  eliminat¬ 
ing  the  need  for  leased  local  facilities  in 


cities  around  the  country  “The  cost  to  grow 
a  new  fiber  ring  is  still  85%  lower  than  our 
best  price  from  a  [local  exchange  carrier]  ” 
Patterson  says. 

Industry  experts  say  the  plan  has  merit. 

“Access  has  been  a  big  cost  for  Sprint 
because  they’ve  leased  facilities  from 
LECs,  except  in  cities  where  Sprint  is  the 
incumbent  LEC,”says  Ron  Kaplan,  an  ana¬ 
lyst  at  IDC. 

Sprint  is  deploying  its  own  fiber  strands  in 
some  cities  and  in  others, such  as  Atlanta.it 
is  leasing  dark  fiber.  The  carrier  is  deploy¬ 
ing  Cisco’s  ONS  15454  SONET  Multiservice 
Platform  in  each  city  to  support  its  dense 
wavelength  division  multiplexer  over 
SONET  network  architecture. 

But  unlike  competitors,  the  carrier  is  not 
offering  direct  fiber  connectivity  to  multi¬ 
tenant  buildings  or  large  campus  sites. 
Sprint’s  MAN  deployment  is  designed  to 
more  efficiently  support  its  network  over¬ 
all. “We  will  use  the  networks  to  offer  cost- 
effective  solutions  for  our  customers,” 
Patterson  says. “Any  and  all  customers  will 
be  able  to  benefit.” 


Sprint  is  making  headway  with  its  MAN 
rollout,  but  it  is  far  behind  its  competitors. 

“Both  WorldCom  and  AT&T  have  fairly 
extensive  metro  networks,  which  stem 
from  [competitive]  LEC  acquisitions," Kap¬ 
lan  says. 

WorldCom  has  local  networks  in  90  mar¬ 
kets.  It  also  offers  local  network  services. 

AT&T  has  local  networks  in  67  markets.  It 
has  156  switches  deployed  and  7,500 
SONET  rings.  AT&T  doesn’t  plan  to  roll  out 
local  support  in  additional  markets  in  the 
near  term,  but  instead  says  it  will  continue 
to  upgrade  its  existing  networks,  an  AT&T 
spokesman  says. 

Sprint  has  639  SONET  rings  deployed. 

“Sprint  will  not  be  catching  up  anytime 
soon,”  Kaplan  says.  ■ 

More  online! 

Our  new  MANs  links  area 
will  get  you  to  MAN 
papers  and  resources. 

DocFinder:  4731 


Managing  collaboration  can  be  challenging. 
That’s  why  there’s  Windows  XP  and  Office  XP. 


Recognize  any  of  those  issues?  Or,  perhaps,  all  of  them?  We  thought  so. 
Many  of  these  issues  can  be  related  to  your  legacy  desktop  software; 
fortunately,  many  of  them  can  be  addressed  by  features  in  Microsoft  * 
Windows*  XP  Professional  and  Office  XP  Professional.  Want  specific 
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examples?  Windows  XP  Professional  offers  built-in  audio  and  video-con¬ 
ferencing  capabilities  that  make  the  whole  experience  easy  and  intuitive 
for  your  end  users.  With  the  Send  for  Review  feature,  Office  XP  Professional 
lets  users  easily  assign  roles  to  everyone  involved  in  the  document  review 


cycle,  while  automatically  providing  the  correct  tools  for  each  reviewer 
and  allowing  changes  to  be  easily  merged  back  into  the  original  document. 
And  finally,  several  new  features  make  deployment  easier  than  ever.  For 
more  ideas  about  managing  your  desktops,  visit  microsoft.com/desktop 
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Plenty  of  companies  are  looking  to 
outside  providers  to  host  their  Web 
sites,  which  is  why  the  Web  hosting 
market  reportedly  is  growing  at  a  healthy 
clip.  In  some  cases  these  are  simple  mar¬ 
keting  sites;  in  others,  they’re  complex  busi- 


With  Ampiify.net's  /SurfJanus,  WAN  redundancy  is 
literally  a  "No  Brainer"  decision  for  you! 


How  to  pick  a  Web  hosting  provider 


ness-to-business  transaction  environments 
or  application  portals. 

When  looking  for  an  outside  hosting  pro¬ 
vider,  consider  this  criteria: 

•  Bandwidth  and  Internet  connectivity. 
Network  connectivity  is  an  important  com¬ 
ponent  of  performance.  If  your  site  will  be 
trafficked  heavily  ask  the  provider  for  a 
schematic  detailing  the  peering  arrange¬ 
ments  and  Internet  connectivity.  Many 
providers  will  boast  of  their  “OC-3  connec¬ 
tions."  That’s  nice.  But  OC-3  connections  to 
what?  If  the  answer  is  a  fifth-tier  ISP  high 
bandwidth  doesn’t  buy  you  much  because 
latency  and  congestion  at  the  peering 
points  can  slow  down  your  traffic  big  time. 

•  Server  and  data  center  architecture. 
Most  providers  will  distinguish  between 
Windows  NT  and  Unix,  and  shared  or  ded¬ 
icated  servers.You  also  should  know  how 
many  servers  they  have,  how  well  con¬ 
nected  they  are  and  what  type  of  storage 
subsystems  are  in  use.  Are  the  servers  sym¬ 
metric  multiprocessing  machines?  Are 
they  clustered?  How  often  are  files 
backed  up?  The  answers  will  give  you 
insight  into  the  reliability  and  perfor¬ 
mance  of  your  site. 

•  Security.  If  your  site  contains  more  than 
marketing  information,  you'll  need  to  con¬ 
sider  advanced  security  measures.  Does 
the  provider  offer  encryption?  User  authen¬ 
tication  beyond  simple  password  protec¬ 
tion?  Links  to  two-factor  authentication  or 
Lightweight  Directory  Access  Protocol 
directories  for  policy  information?  De¬ 
pending  on  the  site’s  purpose,  any  or  all  of 
these  might  be  applicable. 

•  Support  and  service-level  agreements. 
This  one’s  the  real  kicker.  Committing  to  a 


hosting  provider  means  signing  on  to  a 
potentially  long-term  relationship.  You 
should  know  going  into  the  deal  what  sort 
of  service  and  support  you  expect,  and  get 
the  provider  to  commit  to  it  in  writing. 
Around-the-clock  phone  support  is  a  start. 
But  what  about  mean  time  to  respond 
and  mean  time  to  repair?  What  commit¬ 
ments  will  your  provider  make  regarding 
your  site’s  online  performance?  How  will 
the  provider  notify  you  if  something’s 
gone  wrong?  Do  you  require  in-person 
support?  (If  so,  a  local  provider  might  be 
the  best  bet.) 

There’s  no  single  correct  answer  to  which 
provider  is  best.The  right  provider  for  your 
organization  depends  on  your  relative 
weighting  of  these  and  other  requirements. 

Organizations  needing  a  high  degree  of 
security  should  consider  providers  such  as 
ServerVault,  which  specializes  in  secure 
hosting. 

Organizations  that  want  personalized 
service  and  support  often  find  that  local 
outfits  do  the  best  job  —  one  large 
Midwestern  retailer  has  nothing  but  praise 
for  Berbee  Information  Networks,  a  rela¬ 
tive  unknown. 

Still  other  companies  turn  by  default  to 
their  telecom  providers,  even  though  tele 
phone  companies  don’t  always  live  up  to 
their  potential  as  hosting  providers. 

Your  best  bet  is  to  create  a  weighted  list 
of  your  requirements  and  rate  prospective 
providers  against  it. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


•  "No  Brainer"  Price 

•  "No  Brainer"  Installation 

•  "No  Brainer"  Interoperability 

•  "No  Brainer"  ROI 


Say  goodbye  to  slow  and  expensive  ISDN  or  analog  backup  today 
cod  give  your  WAN  the  redundancy  it  deserves! 


ror  more  information 
and  to  receive  our  whitepaper, 
rafi  Amplify.net  at  (510)  360-6070, 
or  e-mail  info@amplifynet.com. 
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introducing  the  iSurtianus™  Family  of  Multi-Homed  WAN  Gateways 
for  your  Business  Continuity! 


Enables  you  to  combine  up  to  3  WAN  lines  (T1 ,  Frame  Relay,  DSL,  cable  and 
wireless)  via  high  speed  Ethernet  ports  connected  to  the  same  or  different  ISPs  to  give 
your  network  automatic  WAN  backup,  fail-over  and  recovery,  secured  with  firewall 
and  VPN.  With  its  built-in  dynamic  WAN  load  balancing,  you  also  get  the  extra 
benefit  of  expanded  bandwidth. 


Lucent  GEO  cautiously  hopeful 


■  BY  SUMNER  LEMON 

After  watching  the  bottom  fall  out  of  the 
global  telecom  equipment  market  in 
2001  and  2002,  Lucent  says  it’s  standing 
on  more  solid  ground  these  days.  But  the 
company’s  chief  executive  warned  last 
week  at  a  conference  in  Hanover,  Ger¬ 
many,  that  there  are  few  signs  a  full  recov¬ 
ery  is  on  the  way. 

“Last  year,  [capital  expenditure]  spend¬ 
ing  declined  48%, ”  said  Patricia  Russo, 
Lucent’s  chairwoman  and  CEO.“When  you 
are  experiencing  declines  at  that  level  in 
those  time  frames,  that’s  pretty  dramatic.” 

As  dramatic  as  those  declines  have  been 
on  Lucent,  which  does  two-thirds  of  its 
business  in  North  America,  she  says  the 
rate  of  decline  has  slowed  and  this  might 
hint  that  the  worst  is  over  for  telecom 
equipment  makers. 

“You  get  to  a  point  where  service 
providers  must  spend  on  maintaining  their 
networks,”  Russo  said,  adding  that  relatively 
strong  demand  in  China  and  India  also  has 
helped  shore  up  business. 

However,  that  doesn’t  mean  a  full  recov¬ 
ery  is  in  the  works  for  equipment  vendors. 


Russo  expects  to  see  fixed-line  capital 
expenditure  in  North  America  drop  by 
10%  to  15%  during  2003  and  noted  that 
some  analysts  have  predicted  that  some 
sort  of  recovery  might  occur  in  2004. 
However,  Russo  stopper]  short  of  backing 
those  predictions. 

“You  begin  to  feel  that  things  are  stabiliz¬ 
ing  but  not  yet  recovering,” she  said. “That’s 
why  I’ve  been  reluctant,  and  everybody’s 
been  reluctant,  to  call  a  bottom  to  the 
industry  yet.” 

Adding  to  the  uncertainty  are  ongoing 
economic  and  geopolitical  issues  that 
threaten  to  postpone  any  recovery  in  ser¬ 
vice  provider  spending  on  new  telecom 
equipment, she  said. 

“There’s  just  a  lot  of  overhang  right  now,” 
Russo  said. 

While  the  market  might  face  a  significant 
amount  of  uncertainty  over  the  next  12 
months,  Russo  is  confident  that  better 
times  lie  ahead  for  equipment  makers.“The 
market  for  telecommunication  equipment 
will  ultimately  recover? she  said. 

Lemon  is  a  correspondent  with  the  IDG 
News  Service's  Taipei  bureau. 


FOR  TYING  TELEWORKERS  TO  THE  ENTERPRISE 


Take  control  of  telework  support 

Partnering  with  a  managed  broadband  provider  can  reduce  costs,  ease  administration. 


■  BY  TONI  KISTNER 

The  Boys  and  Girls  Clubs  of  America 
turned  to  telework  in  1999  to  ease  the  trav¬ 
el  burden  of  its  regional  service  directors. 
Traditionally  directors  worked  out  of  re¬ 
gional  offices  but  spent  much  of  their  time 
traversing  hundreds  of  miles  to  visit  each 
club  that  was  their  responsibility  By  instead 
relocating  directors  in  home  offices,  the 
organization  could  reduce  travel  time  and 
costs,  and  increase  productivity 

There  was  only  one  problem. The  organi¬ 
zation's  IT  department,  headquartered  in 
Atlanta,  didn’t  have  the  resources  to  sup¬ 
port  the  home  workers.  So  it  turned  to  Net- 
ifice  Communications  (at  the  time  called 
TeleCommute  Solutions)  to  handle  every¬ 
thing  from  home  office  setup,  to  broad¬ 
band  and  VPN  provisioning,  to  tech  sup¬ 
port  and  remote  monitoring. 

Bill  Regehr,The  Boys  and  Girls  Clubs’ CIO 
and  retired  IT  executive  at  IBM,  is  particu¬ 
larly  impressed  with  Netifice’s  24-7  help 
desk.  “You  call  the  800  number,  and  they 
know  who  you  are  and  what  you  need. 
Companies  just  don’t  get  it.They  think  they 
can  do  this  themselves.You  can  provide  24- 
7  yourself?  In  reality,  the  remote  user  just 
has  to  fend  for  himself.” 

Telework-focused  companies  such  as 
Netifice  and  TManage  have  offered  man¬ 
aged  services  and  consulting  for  about  five 


Takes 

■  Unksys  and  SMC  Networks 

last  week  each  announced  new 
802.1 1a/g  wireless  PC  Cards.  (Net- 
gear  announced  its  Dual  Band 
802.11a/b/g  PC  Card  earlier  this 
month.)  The  adapters  let  users  con¬ 
nect  to  any  flavor  of  wireless  net¬ 
work:  2.4-GHz  802.11b,  5-GHz 
802.11a,  as  well  as  to  devices  using 
the  predraft  specification  of 
802.11g.The  Linksys  A+G  PC  Card 
and  SMC  EZ  Connect  Universal 
2.4GHZ/5GHz  Wireless  CardBus 
Adapter  cost  $100  each.  The 
Linksys  card  is  available  now;  the 
SMC  card  by  the  end  of  the  month. 


years.  But  with  the  increase  of  corporate 
workers  using  high-speed  connections  to 
access  the  network  off-hours  and  while 
traveling,  the  broader  category  of  managed 
remote  access,  or  managed  broadband, 
has  begun  taking  shape.  Other  vendors 
include  Axcelerant  and  MegaPath,  as  well 
as  dial-up  services  companies  iPass  and 
Fiberlink,  which  also  offer  high-speed 
access  via  802.11b  hot  spots.  EPresence, 
formerly  Banyan  Worldwide,  also  just 
released  bbVPN,  its  broadband  provision¬ 
ing  and  management  product.  AT&T  and 
Verizon  have  offerings,  as  do  system  inte¬ 
grators  Electronic  Data  Systems  and 
CompuCom. 

Most  providers  offer  line  provisioning 
(some  mix  of  DSL,  cable,  ISDN,  analog,  and 
the  like),  as  well  as  installation,  managed 
VPN  and  firewall  services,  worldwide  dial¬ 
up  access,  service-level  agreements  (SLA) 
and  consolidated  billing.  Some  providers, 
including  TManage  and  Netifice,  will  set  up 
home  offices  on-site,  while  others  send  out 
the  equipment  they  configure  remotely 
TManage  continues  to  offer  Web-based 
telework  training  but  no  longer  actively 
pursues  the  consulting  business. 

Services  cost  $100  to  $140  per  user  per 
month, and  appeal  most  to  companies  that 
already  outsource  their  VPN  and  firewall 
services,  and  want  to  consolidate  remote 
and  mobile  workers’ services,  as  well  as  de- 


One  caveat  is  that  recently  Gartner 
warned  users  against  buying 
802. 11g  prestandard  products,  cit¬ 
ing  interoperability  concerns  with 
other  802. 1 1  g  devices  and  older 
802.11b  gear,  www.linksys.com; 
www.smc.com 

■  Technology  support  and  services 
firm  Symbiat  recently  announced 
a  partnership  with  DataAssure  to 
offer  small  to  midsized  businesses 
secure  data  archiving  and  auto¬ 
mated  backup.  Once  the  data  is 
copied,  DataAssure  stores  the 
information  in  a  secure  vault  and 
catalogs  the  copy  for  use  when 
restoration  is  required.  Pricing  is 
available  by  request. 
www.symbiat.com 


crease  costs. 

“IT  folks  are  running  out  of  places  to 
squeeze  that  extra  4%  of  cost,”  says  Netifice 
CTO  Jeff  Pompeo.  “So  they’re  looking  for 
smaller  things,  like  a  way  to  take  1,000 
remote  people  with  dial-up  accounts  plus 
DSL  accounts  they  bought  themselves  that 
they’re  expensing,  put  it  all  together,  take  a 
little  cost  out  and  centrally  manage  it.” 

Costs  vs.  worth 

But  the  cost  issue  is  tricky  On  one  hand, 
these  companies  make  it  possible  to  provi¬ 
sion  residential  broadband  services  for 
business  use,  saving  money.  Contracting 
with  Verizon  or  Comcast  can  cost  about 
$90  (per  user  per  month)  for  business-class 
service.  On  the  other  hand,  services  from 
remote  access  service  providers  cost  more 
than  that,  so  make  sure  the  additional  ser¬ 
vices  you’re  buying  —  such  as  managed 
VPN,  firewall,  help-desk  support,  SLAs  — 
are  worth  the  price. 

Remote  management  and  monitoring 
are  integral  pieces  of  these  offerings. 
Typically  vendors  provide  a  Web-based 
management  interface  that  lets  network 
executives  view  and  make  adjustments  to 
user  endpoints. TManage’s  application  lets 
you  check  the  status  of  an  order  or  trouble 
ticket,  and  view  users’  various  stages  of 
broadband  deployment. 

The  vendor  monitors  and  troubleshoots 
connections  remotely.  Netifice  can  monitor 
VPN  connections,  so  when  a  user’s  con¬ 
nection  goes  down, Netifice  can  determine 
whether  the  broadband  connection  or  the 
VPN  is  the  problem.  It  will  monitor  other 
devices  on  the  corporate  network,  such  as 
an  existing  firewall,  and  can  set  security 
policies  that  send  an  alert  when  a  remote 
worker’s  firewall  or  VPN  tunnel  is  shut 
down  or  a  nonwork  laptop  tries  to  connect 
to  the  corporate  network. 

Netifice  is  the  only  company  in  the  field 
to  offer  private  IP  network  services  be¬ 
cause  of  its  acquisition  of  ISP  Epoch  Inter¬ 
net  last  year. The  company  now  offers  both 
off-net  broadband  and  VPN  services,  as 
well  as  on-net  VPN  service  that  keeps  data 
traffic  off  the  Internet,  to  enhance  security 
and  increase  reliability  “Customers  often 
use  a  mix  of  on-net  for  users  in  larger  cities, 
and  off-net  for  users  who  live  in  remote 
areas,”  Fbmpeo  says. 

David  Willis,  vice  president  of  infrastruc¬ 
ture  strategies  for  Meta  Group,  has  mixed 
feelings  about  Netifice’s  model.  “Com- 


Remote  access 
services  skinny 

Match  your  users’  needs  with 
these  managed  offerings 

Axcelerant  Managed  Broadband  Services 

www.axcelerant.coin 

Services:  Broadband  provisioning,  VPN,  firewall 

ePresence  Remote  Access  Management 
Service 

www.epresence.com 
Services:  Broadband  provisioning 

-  v  -  -V -  .  -- 

Fiberlink  Secure  Broadband 

www.nberlink.com 

Services:  Dial-up .  broadband  via  802.11b  hot  spots. 
VPN.  firewall 

Gric  Mobile  Office 

www.gric.com 

Services:  Dial-up,  broadband  via  802.11  hot  spots 

iPass  Corporate  Access 

www.ipass.com 

Services:  Dial-up,  broadband  via  802.11  hot  spots 

MegaPath  Networks  SecureConnect  VPN 

www.megapath.net 
Services:  Dial-up,  broadband,  VPN 

Netifice  Communications  Workforce  Connect 

www.netifice.com 

Services:  Broadband,  dial-up,  VPN,  firewall,  private 
network,  videoconferencing 

TManage  Home  Office 

www.tmanage.com 

Services:  Broadband,  VPN,  firewall,  dial  back-up 


panies  like  this  always  end  up  in  conflict 
with  selling  on-net  services  that  justify 
their  existence,  and  selling  off-net  ser¬ 
vices  and  being  network  agnostic.  The 
whole  reason  they  exist  is  because 
Verizon  and  Comcast  don’t  have  a  big 
enough  footprint.  Historically,  it’s  been  a 
liability  to  have  your  own  VPN  backbone. 
Costs  are  higher,”  he  says. 

It’s  also  important  to  keep  in  mind  these 
companies  can  make  broadband  connec¬ 
tions  only  so  reliable.  Not  even  Netifice’s 
private  IP  network  can  provide  100%  up¬ 
time  for  the  last  mile  of  the  broadband 
connection.  If  your  remote  workers  need 
more  reliable  connections,  you’ll  need  to 
rethink  frame  relay  service.  ■ 
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SHAPING  YOUR  NETWORK 


Application-layer  VPNs  guard  access 
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An  application-layer  VPN  acts  as  a  proxy  between  users  and  application  servers. 
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application-layer  secured  via  SSL  and  sent  policy,  and  translates  data  to  RDP  and  HTTP)  to 
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■  BY  KEN  ARAUJO 

Application-layer  VPNs  are  generating 
lots  of  attention  these  days.  Proponents  cite 
the  technology’s  ability  to  provide  secure 
remote  access  to  a  broad  spectrum  of  ap¬ 
plications  and  network  resources.  But  what 
exactly  are  application-layer  VPNs,  and 
how  do  they  differ  from  traditional  VPNs? 

Unlike  traditional  IP  Security  (IPSec)- 
based  VPNs,  which  operate  at  Layer  3  (the 
network  layer)  of  the  Open  Systems  Inter¬ 
connection  model,  application-layer 
VPNs  operate  at  Layer  7  (the  application 
layer).  Operating  at  Layer  7  provides  visi¬ 
bility  into  application  data,  giving  net¬ 
work  administrators  new  opportunities  to 
enforce  security  policy  for  remote  appli¬ 
cation  access. 

The  central  element  of  an  application- 
layer  VPN  is  the  application-layer  proxy  typ¬ 
ically  provided  in  the  form  of  a  dedicated 
network  appliance.  The  proxy  offers  a  sin¬ 
gle  point  of  administration  while  acting  as 
a  sentinel  to  the  private  network  behind 
the  firewall. 

An  application-layer  VPN  acts  as  an  inter¬ 
mediary  between  remote  client  requests 
and  server-based  applications.lt  terminates 
incoming  connections  from  remote  users 
at  the  application  layer,  processes  the  data 
and  then  translates  the  data  to  the  appro¬ 
priate  application  protocol.  During  this  ter¬ 
mination  gap,  the  VPN  analyzes  application 
information,  applies  security  policy  and 
serves  as  a  gatekeeper  between  the  Inter¬ 
net  and  the  private  network. 

An  application-layer  VPN  runs  client 
and  server  versions  of  an  application  on 
a  single  server,  eliminating  the  need  for  a 
client  on  the  remote  PC.  For  Windows 


applications,  client  and  server  versions 
are  installed  on  a  Windows  Terminal 
Server,  which  uses  Microsoft  Remote 
Desktop  Protocol  (RDP)  to  negotiate  the 
remote  user’s  input  with  the  application’s 
responses. 

Remote  users  launch  a  browser  and 
enter  the  URL  of  the  application-layer  VPN 
appliance.  Secure  Sockets  Layer  (SSL)  is 
used  to  encrypt  all  data  from  the  user’s 
browser  to  the  application-layer  proxy  SSL 
provides  strong  security,  and  most  Web 
browsers  incorporate  it. 

The  application-layer  VPN  enforces  pol¬ 
icy  during  the  termination  gap  by  polling 
external  authentication  and  policy 
servers,  such  as  Active  Directory  or  Light¬ 
weight  Directory  Access  Protocol,  to  cer¬ 
tify  user  identities  and  authorize  specific 
application  access. 


From  this  point,  the  browser  sends  lega¬ 
cy  application  data  to  the  proxy  via  a  thin- 
client  application  protocol.  In  turn,  the 
proxy  terminates  and  translates  this  proto¬ 
col  to  RDP  and  delivers  it  to  the  applica¬ 
tion  server. 

Application-layer  VPNs  also  work  well 
with  Web-based  and  intranet  applications, 
allowing  secure  remote  access  without 
exposing  nonhardened  intranet  servers  to 
outside  attack.  The  proxy  terminates, 
examines  and  rewrites  HTTP  requests. 
Remote  users  then  receive  Web  applica¬ 
tion  resources  as  defined  by  policy  and 
security. 

User  requests  are  not  sent  directly  to  the 
application  server,  but  are  terminated  in 
the  VPN  appliance,  processed  with  policy 
and  security  and  translated  to  the  appro¬ 
priate  back-end  protocol,  and  then  trans¬ 


mitted  to  the  application  server. 

This  model,  with  the  application-layer 
VPN  functioning  as  a  proxy  enforcing 
authentication  and  policy  before  letting 
the  data  streams  reach  the  application 
server,  protects  private  networks.  In  an 
IPSec  VPN,  by  comparison,  user  requests 
go  across  the  network  layer  and  access  an 
entire  enterprise  network. 

Because  application-layer  VPNs  can  pro¬ 
vide  secure  remote  access  to  a  range  of 
applications  and  give  network  administra¬ 
tors  flexible  control  over  who  can  access 
those  applications,  the  technology  will 
become  increasingly  important  for  enter¬ 
prise  network  and  security  architects. 

Araujo  is  CTO  at  Netilla  Networks.  He 
can  be  reached  at  ken_araujo@ 
netilla.com. 


Dr.  Internet 


By  Steve  Blass 


Our  company  is  looking  to  change  from  frame 
relay  to  VPN  between  two  locations  within  the 
same  country.  Can  this  happen,  and  what  type  of 
VPN  would  we  need  for  that? 

Replacing  frame  relay  with  a  VPN  usually  means 
rerouting  the  existing  frame  relay  traffic  securely 
over  the  Internet.  The  existing  network  traffic,  the 
existing  network  infrastructure  and  the  network 
services  available  at  each  location  strongly  influ¬ 
ence  the  implementation  choices.  Take  an  inven¬ 


tory  of  the  existing  frame  relay  network  traffic 
types.  Once  the  collection  of  protocols,  applica¬ 
tion  types  and  usage  patterns  is  understood, 
you  can  engineer  a  solution  to  meet  the  require¬ 
ments.  VPNs  supporting  large-volume  server-to- 
server  applications,  and  possibly  SNA  main¬ 
frame  traffic,  often  require  hardware  products 
beyond  the  LAN  VPN  services  mobile  users 
need.  Router-to-router  products  commonly  are 
used  between  static  locations.  Cisco,  Linksys, 
Nortel  and  others  provide  Internet  tunneling, 


security,  encryption  and  VPN  routing  capabili¬ 
ties  to  meet  most  station-to-station  VPN  needs. 
Go  to  www.freeswan.org  for  information  on 
building  secure  WAN  connections  over  the 
Internet  using  Linux  —  your  Microsoft  manual 
describes  how  to  build  VPNs  with  Windows 
servers. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.internet@ 
changeatwork.  com. 
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GEAR HEAD 
JKSIDE  THE 
NETWORK 
MACHINE 

Mark 
Gibbs 


Last  week  we  began  a  discussion  on 
the  language  PHP  with  a  small  digres¬ 
sion  on  its  name.  According  to  many 
of  those  who  see  PHP  as  a  way  of  life,  the 
name  is  a  recursive  acronym  that  stands  for 
“PHP:  Hypertext  Processor’’ 

We  need  to  correct  this.  Adam  Gaffin,  the 
executive  editor  of  Network  World  Fusion 
and  chief  smart  aleck, pointed  out  that  PHP 
originally  was  called  “R?rsonal  Home  Page” 
—  a  name  so  unsexy  that  a  touch  of  revi¬ 
sionism  was  a  must. 

Anyway,  last  week  we  discussed  the  back¬ 
ground  and  attributes  of  the  language,  and 
we  concluded  with  the  usual  “hello  world” 
example. 

This  week  we’ll  take  a  deeper  look  at  PHP 
programming. We  won’t  dwell  too  much  on 
the  basics  of  PHRas  much  of  the  nuts  and 
bolts  are  similar  to  Microsoft’s  Active  Server 
Page  (ASP)  technology  We’d  recommend  a 
rather  useful  review  by  Jalal  Pushman  that 
compares  PHP  with  Visual  Basic,  ASR  Perl 
and  Java  (for  more  information  go  to 


Technology  Update _ 

More  Zen  of  PHP 

www.nwfusion.com,  DocFinder  4732). 

PHP  variables  —  which  are  always  pre¬ 
fixed  by  a  dollar  sign  as  in  $avar  or 
Sacounter  —  do  not  have  to  be  declared 
before  you  use  them;  they  automatically 
are  declared  when  a  value  is  assigned.  For 
example,  the  variable  Sname  is  created  by 
assigning  a  string  value  and  is,  not  surpris¬ 
ingly,  of  the  type  string : 

Sname  =“Gearhead”; 

Note  the  semicolon  —  it  is  required  at 
the  end  of  every  statement.  Also  note  that 
variables  are  case-sensitive  (that  is,  Sname 
and  SName  are  different  variables)  but 
everything  else,  such  as  PHP  keywords 
and  function  names,  are  not. 

Unfixed  variables 

PHP  variables  also  are  “loosely  typed  (that 
is,  their  type  (integer,  double,  string, 
Boolean,  object  or  array)  isn’t  fixed  and 
can  be  changed  with  wild  abandon.  This 
means  that  you  can  do  things  such  as  pre¬ 
fix  single-line  comments  with  u#”,  and 
frame  multiline  comments  with  7*  ...  */”): 


Savar  =  “The  year  is”; 

#  Savar  is  created  as  a  string  type 
Sbvar  =  Savar; 

#  Sbvar  is  created  as  string  type  by  being 
assigned  the  value  of  Savar 

Savar  =  2003; 


*  Savar  now  becomes  an  integer  by 
being  assigned  an  integer  value 

Savar  =  (Sbvar .  Savar); 

/*  the  value  of  Savar  is  forced  to  be  a 
string  type  by  the  string  concatenation 
operator  and  the  result  of  the  concatena¬ 
tion  with  Sbvar  is  assigned  to  Savar  which 
forces  the  type  of  Savar  to  become  a  string 
again.  Whew.  */ 

Now  check  this  out: 

print  2003  +“2003”; 

The  addition  operator  converts  the  string 
“2003”  to  an  integer,  adds  it  to  the  integer 
2003  and  passes  the  result,  the  integer 
4006,  to  the  print  function,  which  in  turn 
converts  the  value  to  a  string  and  outputs 
it.  If  you  need  to  you  can  ‘force’  the  type  of 
variable  with  a  “cast  operators”: 

Savar  =  2003; 

Sbvar  =  (string)  Savar; 

Or  you  can  use  settype(): 

Savar  =  2003; 

settype($avar, “string”); 

Sbvar  =  Savar; 

The  difference  between  these  last  two 
examples  is  that  the  first  leaves  Savar  as 
an  integer  and  the  second  forces  the  vari¬ 
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able  to  become  a  string. 

An  important  thing  to  remember  about 
PHP  is  that  there  are  three  operations  that 
you  need  to  distinguish  between:  assign¬ 
ment,  equality  and  identity  Each  has  its 
own  operator:  Assignment  is  “=”  (make  the 
variable  on  the  left  equal  to  the  variable  on 
the  right);  equality  is“=”  (test  the  variable 
on  either  side  to  see  if  they  are  equal  in 
value);  and  identity  is  “=”  (test  the  vari¬ 
able  on  either  side  to  see  if  they  are  equal 
in  value  and  type). 

The  distinction  between  “=”  and  “="  is 
crucial,  as  the  following  code  will  not,  as 
you  might  have  expected,  test  the  vari¬ 
ables  to  see  if  they  are  equal: 

if($avar  =  $bvar) 

This  will  evaluate  to  FALSE  if  Sbvar  is  an 
empty  string,  the  string  “0”  or  the  integer  0; 
otherwise  it  will  evaluate  to  TRUE. The  rea¬ 
son  is  that  PHP  first  evaluates  “Savar  = 
Sbvar”  and  assigns  Savar  the  value  of  Sbvar 
(whatever  that  is)  and  then  tests  Savar,  the 
result  of  the  first  operation!  Yep,  it  s  odd  but 
you’ll  get  used  to  it  quite  quickly. 

PHP  is  really  good  at  string  manipulation. 
See  the  article  by  Nathan  Wallace  on  PHP’s 
string  handling  for  a  good  primer  (see 
resources  at  DocFinder:  4732). 

Next  week ,  PHP’s  object  model.  Classify 
yourself  to  gearhead@gibbs.com. 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


Vendors  push  Intel's  Gentrino 


Intel  last  week  announced  its  Centrino  mobile  technol¬ 
ogy,  which  combines  a  new  mobile  processor,  chipset 
and  integrated  wireless  LAN  connectivity.  The  Centrino 
technology  also  aims  to  extend  battery  life  and  improve 
performance  for  notebooks,  the  company  says. The  tech¬ 
nology  includes  the  Pentium  M  processor  (at  speeds  of 
1.3  GHz  through  1.6  GHz),  the  Intel  855  chipset  family 
(supporting  discrete  graphics  or  integrated  Intel  Extreme 
Graphics  2  technology),  and  the  Intel  PRO/ 
Wireless  2100  Network  Connection  for  802.11b  wireless 
LAN  connectivity  The  technology  also  is  available  in  a 
low-voltage  processor  at  1.1  GHz  and  ultralow-voltage 
processor  at  900  MHz. 

In  addition  to  the  new  technology,  Intel  said  it  will  work 
with  public  hot  spot  vendors  to  promote  wireless  com¬ 
puting  and  introduced  the  Centrino  brand  logo  to  let 
users  know  that  a 
wireless  hot  spot 
was  available. 

If  this  logo  pro¬ 
gram  is  anything  like 
the  Intel  Inside  campaign, 
expect  to  see  lots  of  logos 
around  airports,  coffee  shops  and 
hotels.  ^ 

Several  notebook  manufacturers 
announced  new  models  that  include  the 
Centrino  technology: 


•  Chem  USA  (www.chemusa.com)  an¬ 
nounced  three  notebooks  —  the  ChemBook 
2300  series,  the  2050  Series  and  2202  series  of 
notebooks.  The  2300  series  is  a  two-spindle 
design  notebook  with  14-inch  XGA/SXGA+ 
display  and  starts  at  $1,500.  It  includes  the 
Pentium  M  processor  with  speeds 
between  1.3  GHz  and  1.6  GHz. 

The  device  measures  8.2  by 
10  by  1.2  inches  and  weighs 
about  5  pounds,  Chem  USA 
says. 

The  2050  series  includes  the  855GM 
chipset,  and  has  a  14.1-inch  LCD,  Chem 
USA  says.  It  measures  12.99  by  10.74  by 
1.17  inches  and  weighs  about  5.9 
pounds. The  notebook  is  priced  starting  at  $1,560. The 
2202  series  starts  at  $1,600  and  includes  the  Pentium  M 
processor,  optional  Bluetooth  and  802.11b,  and  two 
SDRAM  memory  slots  expandable  to  2G  bytes.  The 
notebook  includes  a  14.1-inch  TFT  LCD  screen,  mea¬ 
sures  12.4  by  10.8  by  1.1  inches  and  weighs  about  5 
pounds. 


Sony's  VAIO  PCG-Z1A  ditches  the 
purple  for  a  sleek  silver  finish. 


Fijjitsu's  LifeBook  S6000 
offers  speeds  up  to  1.4  GHz 


•  FujitsuPC’s  (www.fujitsupc.com) 
LifeBook  S6000  notebook  includes 
a  Pentium  M  processor  with  speeds 
of  1.4  GHz,  a  13.3-inch  TFT  display, 
up  to  1G  byte  of  FL\M  and  60G  bytes 
of  hard-drive  space. The  system  mea¬ 
sures  11.5  by  9.3  by  1.36  inches  and 
weighs  about  4.5  pounds  with  an  opti¬ 
cal  drive.  The  notebook  starts  at 

$1,500  and  will  be  available  in 
April,  FujitsuPC  says. 

•  Gateway’s  (www.gateway.com) 
Gateway  450  series  of  notebooks 

include  Pentium  M  processors  with 
speeds  of  1.3  to  1.6GHz,  14.1-  or  15-inch 
TFT  displays,  up  to  1G  byte  of  RAM,  and 
hard  drives  space  of  up  to  60G  bytes.  The  models  also 
offer  up  to  eight  hours  of  battery  life  with  a  built-in  six¬ 
cell  battery  or  more  than  five  hours  of  life  with  an  eight¬ 
cell  battery,  Gateway  says.  The  450  series  includes  two 
models  —  the  450X  (priced  starting  at  $1,600)  and  the 
450XL  (starting  at  $2,000). 

•  Sony’s  (www.sonystyle.com/vaio)  new 
VAIO  PCG-Z1A  notebook  comes  with 
a  14.1 -inch  SXGA+  display,  an 
integrated  CD-RW/DVD  combination 
drive  and  connectivity  ports  (including  USB 
2.0,  i. LINK  [IEEE  1394]  and  Memory  Stick).  Instead 
of  the  traditional  purple,  the  new  VAIO  comes  in 
silver  matte,  Sony  says.lt  will  be  available  by  the  end  of 
this  month  for  about  $2,400,  Sony  says. 

Shaw  can  be  reached  at  kshaw@nww.com. 


An  increasingly  mobile  workforce 
opens  your  network  up  to  a  host  of  threats, 
both  accidental  and  intentional. 


The  only  place  to  securely  meet  the  challenges  that  a  mobile 
workforce  brings  to  a  network  is  at  the  point  where  people  connect. 
The  HP  ProCurve  Adaptive  EDGE  Architecture  affordably  puts 
intelligence  and  control  at  the  edge  of  the  network,  giving  you  the 
power  to  easily  adapt  to  future  needs  as  new  wired  and  wireless 
mobility  solutions  are  implemented. 

With  industry-standard  switches  like  the  HP  ProCurve  5300x1  series, 
you  can  cost-effectively  deploy  user  and  security  applications  at  the 
point  of  connection.  It  immediately  recognizes  the  user  and  the  types 
of  services  and  access  they  are  permitted  to  have,  preventing 
unauthorized  traffic  and  potential  threats. 

Free  Network  Design  To  schedule  a  free  network  design  and  to 
learn  how  HP  ProCurves  affordable  solutions  can  help  you  meet 
current  and  future  needs  for  mobility,  security  and  convergence, 
call  1-800-477-6111,  ext.  41682,  or  visit  hp.com/go/procurve. 


hp  procurve 
5348x1 
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John  Dix 


Security 
requires  net 
knowledge 


How  would  you  like  to  be  able  to  close  the  books  on 
a  security  audit  just  like  you  do  a  financial  audit? 
That’s  the  goal  of  newcomer  Preventsys,  a  San 
Diego  start-up  that  is  just  coming  out  of  beta  testing  with  a 
network  auditing  and  policy  assurance  tool  designed  to 
help  companies  get  a  better  handle  on  security 
Today  of  course,  a  security'  audit  is  a  largely  manual 
process  involving  specialists  poring  over  security  policies 
and  then  spot-checking  the  network  for  compliance. 
Besides  being  slow'  and  expensive, sampling  means  the 
results  can  be  spotty 

While  we’ll  have  to  wait  to  see  if  Preventsys  can  make 
audits  faster  and  less  expensive,  it  does  seem  to  sidestep 
the  sampling  problem.  Instead  of  spot-checks,  the  com¬ 
pany’s  AudIT  Server  scans  an  organization’s  entire  address 
space  looking  for  what  talks  to  what,  and  available  ser¬ 
vices.  A  5,000-node  network  can  take  a  couple  of  hours  to 
size  up, says  company  co-founder  and  CTO  John  Williams. 

The  AudIT  Server  includes  a  harness  to  integrate  popular 
vulnerability  scanners  that  are  used  to  beat  on  specific 
types  of  resources,  looking  for  known  vulnerabilities.  Some 
scanners  come  with  the  box,  such  as  the  open  source 
Nessus  tool  that  scans  for  2,800  vulnerabilities,  while  Pre¬ 
ventsys  is  developing  still  others,  including  one  for  802. 1 1 
wireless  Ethernet  networks. 

Information  harvested  by  the  scanners  is  correlated  and 
normalized  into  XML  and  put  in  a  relational  database,  and 
customers  can  then  map  policies  to  it.  Policies  are  devel¬ 
oped  using  the  Preventsys  Policy  Lab  and  can  take  into 
account  everything  from  best  practices  to  government  reg¬ 
ulations,  and  specific  beliefs  about  what  makes  a  network 
sound,  Williams  says. 

For  example,  a  company  might  want  to  outlaw  FTP  on 
the  desktop,  or  only  sanction  use  of  a  certain  instant-mes¬ 
saging  client.  Once  coded  into  policy,  network  scans  will 
turn  up  exceptions  and  report  them  through  the  Prevent¬ 
sys  Management  Server. 

Williams  says  the  goal  is  to  identify  problems  before  they 
occur.  In  the  case  of  the  SQL  Slammer  worm,  his  tool 
should  have  revealed  SQL  servers  exposed  to  the  Internet, 
and  servers  not  upgraded  to  prevent  this  kind  of  attack. 

With  the  frequency  of  attacks  increasing,  potential  dam¬ 
age  escalating  and  regulations  getting  stiffer.it  seems 
inevitable  that  we’ll  have  to  turn  to  tools  such  as  those 
from  Preventsys  and  competitors  such  as  Security,  if  only 
so  we  can  sleep  at  night. 

Targeted  at  large  companies,  the  Preventsys  software 
costs  about  $350,000  for  a  5,000-node  network. 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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Keeping  .DOC  at  bay 

Regarding  Paul  McNamara’s  ’Net  Buzz  column 
about  .DOC  attachments  (www.nwfusion.com,  Doc 
Finder:  4722):  Too  many  times  IT  staffs  issue  edicts 
without  fully  understanding  the  effect  they  can  have 
on  end  users  actually  being  able  to  do  their  jobs. 
Oftentimes  IT  staffs  forget  they  are  there  to  support 
end  users,  not  control  them.  1  can’t  even  imagine  the 
loss  of  productivity  that  could  come  from  having  to 
explain  to  all  company  employees  how  to  save 
something  in  .ITTF  format.  Not  to  mention  that  those 
same  employees  (who  were,  say,  hired  as  adminis¬ 
trative  assistants,  not  IT  trainers)  would  have  to 
explain  how  to  do  so  to  anyone  that  wanted  to 
e-mail  them  an  attachment. 

If  that  is  the  only  solution  to  macro  virus  problems 
that  IT  staff  can  come  up  with,  they  are  morons. 
Macro  virus  problems  have  been  around  a  long 
time,  and  there  are  better  ways  to  address  them. 

Julie  Johnson 
Instructor,  High  Tech  Academy 
Mt.Vernon  High  School 
Fortville,  Ind. 

Computer  education 

Regarding  Mark  Gibbs’  Backspin  column  “More  on 
computers  in  education”  (DocFinder:  4723): 
Computer  technology  is  pushed  too  much  in 
schools.  I’m  an  engineer  and  have  worked  for 
several  start-ups,  and  I  think  schools  are  losing  sight 
of  the  fact  that  they  need  to  educate,  and  computers 
and  laptops  for  every  book  bag  aren’t  the  panacea. 

Newton  invented  calculus  without  a  computer. 
Shakespeare  didn’t  require  a  word  processor  and 
automatic  spell-checking  to  write  his  plays  and  son¬ 
nets.  We’ve  been  reading  for  centuries  without  the 

E-mail  tellers  to  jdix@nww.com  or  send  them  to  John  Dix.  Editor  In 
Chief,  Network  World,  118  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


need  for  computer  screens. 

Computers  make  great  research  tools.  I’m  visual;  I 
wish  some  of  the  math  visualization  programs  were 
around  when  1  was  taking  analytic  geometry. 
Language  programs,  which  require  tedious  repeti¬ 
tion,  are  perfectly  suited  to  computer  use. 

However,  the  buckets  of  limited  taxpayer  money 
being  spent  on  computers  that  become  obsolete  so 
quickly  should  be  spent  on  smaller  classrooms, 
improving  teaching  skills  and  raising  teachers’ 
salaries.  When  we  look  back  at  our  educations,  we 
remember  the  special  teachers  that  influenced  us, 
not  a  computer  program.  We  need  more  of  the  spe¬ 
cial  teachers,  not  more  computers  for  schools. 

Chuck  Crannell 
North  Chelmsford,  Mass. 

Racing  to  wrong  conclusion 

Regarding  Mark  Gibbs’  Backspin  column  “Racing  to 
instant  messaging”  (DocFinder:  4724):By  now  I’m 
sure  Gibbs  has  heard  the  basics:  that  the  Dan 
Aykroyd/Jane  Curtin  thing  was  a  running  gag  (not 
a  one-shot)  based  on  a  point/counterpoint  presen¬ 
tation  between  two  news  commentators  (not 
politicians)  such  as  used  to  be  presented  on  “60 
Minutes.”  As  such,  there  is  no  definitive  script, since 
Aykroyd  used  the  same  starting  line  each  time  the 
routine  was  presented  on  different  subjects. 

What’s  interesting  here  is  the  limitations  of  how 
much  “knowledge,”  if  any,  can  be  gained  through 
search  engines.  Gibbs  began  from  a  false  premise 
and  was  rapidly  able  to  find  an  answer  that  he 
believed  confirmed  the  error  as  fact.  Perhaps  it  sug¬ 
gests  a  new  game  one  could  play  with  Google 
where  one  starts  with  increasingly  strange  premises 
and  tries  to  find  confirmation  of  them  on  the 
Internet.  Actually  it’s  not  really  a  new  game;  they  play 
it  in  schools  today  and  it’s  called  “research." 

David  Leary 
Coventry  R.I. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  4721 


m 

MA(&VI.I£S. 

terwaeic  mat lO 


www.nwfusion.com 


3/17/03 


Netwni'kWorid 


EYE  ON  THE  INDUSTRY 

Barton  McKinley 


Reaching  out  to  the  unemployed 


L  aid-off  network  professionals  are  hurting.  They  are  often 
scorned  or  ridiculed  by  people  outside  the  technology  sector, 
scapegoats  for  the  high-tech  downturn. 

Worse,  former  colleagues  and  employers  often  ignore  them.  Guilt 
mixed  with  fear  that  the  laid-off  workers  are  angry  (which  many  are) 
underscores  anxiety  that  somehow  their  bad  luck  will  rub  off. 

These  people  are  caught  between  a  rock  and  a  hard  place.  Finding  lit¬ 
tle  or  no  work,  they  worry  And  along  with  others  who  have  lost  their 
jobs,  they  sometimes  lose  their  homes  and  suffer  from  depression. 

So  what  is  my  point?  Simply,  I  think  technology  firms  and  IT/network- 
ing  shops  should  do  more  to  help. There  is  potential  to  do  a  great  deal 
of  good,  helping  former  colleagues  to  learn,  network  and  most  impor¬ 
tantly  feel  less  isolated. 

There  is  precedence  for  this  idea.  For  example,  consider  the  open 
source  community  where  sharing  and  good  will  is  at  the  core  of  an 
overall  philosophy  Those  with  knowledge,  experience  or  tools  help  oth¬ 
ers  to  understand  or  set  up  systems  and  applications.  Everyone 
involved  increases  their  knowledge,  and  gains  confidence  and  a  sense 
of  community 

In  the  same  spirit,  network  technology  companies  should  share 
knowledge  with  laid-off  workers  to  help  them  stay  current  and  remain 
in  touch.  Using  e-mail,  seminars  and  the  Web,  they  could  share  infor¬ 
mation  on  developing  technology,  new  products  and  trends. 

As  an  act  of  good  will,  this  could  go  a  long  way  toward  helping  laid- 
off  workers  feel  they  have  not  been  completely  forgotten.  It  also  could 


help  spread  the  sponsoring  firm’s  technology  and  product  message. 
Finally  it  could  help  those  out  of  work  remain  somewhat  current,  so 
they  can  more  easily  re-enter  the  workforce. 

For  IT/networking  shops,  I  would  go  even  further.  Networking  staffs  are 
overburdened,  with  no  time  to  attend  to  nonessential  tasks.  If  there  is 
no  budget  for  help,  perhaps  laid-off  networking  staff  could  do  some  of 
the  work,  in  exchange  for  knowledge  and  experience. 

Of  course,  for  this  to  work,  both  parties  would  have  to  know  what  is 
expected  and  agree  to  it, preferably  in  a  memo  of  understanding.There 
should  be  no  false  hints  of  employment  or  long-term  commitments. 
There  might  be  waivers  to  sign  or  security  checks  to  complete.  Still, 
such  issues  are  easily  resolved  and  should  not  stand  in  the  way  of  the 
potential  gain. 

Is  this  altruistic?  Yes,  mostly  Is  it  out  of  touch  with  corporate  (espe¬ 
cially  financial)  strategies?Yes,probablyAs  most  companies  and  IT/net¬ 
working  shops  struggle  to  address  immediate  needs  and  to  improve  the 
bottom  line,  there  is  little  time  or  energy  to  think  ahead  or  try  some¬ 
thing  new. 

In  addition  to  achieving  business  success,  many  of  us  want  to  do 
something  to  make  the  world  a  better  place.  If  we  forget  the  ledgers  and 
problem  reports  for  a  bit,  we  might  find  that  this  is  our  chance. 

McKinley  is  a  seminar  leader  and  IT  consultant  specializing  in  net¬ 
working,  security  and  IT-business  alignment  strategies.  He  can  be 
reached  at  strategies@summit-com.com. 
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REALITY  CHECK 

Thomas  Nolle 


Last  month  the  FCC  issued  its  ruling  on 
unbundled  network  elements.  I’ve  been 
an  FCC  watcher  for  decades,  and  1  never 
heard  as  much  whining  after  an  order  as  this. 
It’s  not  uncommon  for  one  group  of  carriers 
or  another  to  be  disgruntled  after  an  FCC  rul¬ 
ing;  after  all,  these  guys  are  paying  good 
money  to  lobbyists  to  promote  their  causes.  But  this  time,  we  had  whin¬ 
ing  from  both  sides  of  the  debate  on  UNE  policy  and  FCC  Chairman 
Michael  Fbwell  was  the  biggest  whiner. There’s  been  so  much  whining 
to  the  media  that  it’s  hard  to  sort  out  what  happened. 

The  regional  Bell  operating  companies  won  it  all  with  broadband: 
Line  sharing  has  been  eliminated,  fiber  remotes  will  be  protected  from 
unbundling,  and  —  big  surprise  —  fiber  to  the  home  also  will  be  pro¬ 
tected.  That  disappointed  the  interexchange  carriers  (IXC),  with 
WorldCom  claiming  that  not  having  access  to  Bell  fiber  relegates  it  to 
“an  inferior  method  of  broadband  delivery!’ 

Where  the  RBOCs  lost  was  in  the  UNE-platform  area,  where  they’d 
hoped  (unrealistically)  that  the  FCC  would  eliminate  their  unbundling 
requirements  for  voice  services.  All  the  RBOCs  stood  up  and  threatened 
to  stop  modernizing  their  networks  if  the  decision  wasn’t  reversed. 
Their  whining  sent  network  equipment  stocks  into  a  spin  and  battered 
Wall  Street’s  confidence  (yet  again)  in  a  telecom  recovery 
But  if  the  RBOCs  and  IXCs  are  whining,  Fbwell  is  crying  us  a  river. The 
majority  of  the  FCC,  he  said,  has  “contorted  the  letter  and  spirit  of  the 
statute,”  made  “vague  and  solicitous  pronouncements,”  “delegated  its 
own  responsibilities”  and  committed  “reversible  error  Gosh,  that 
sounds  serious.  It’s  certainly  inconsistent  with  Fbwell’s  other  whine:  that 
the  majority  elected  to  end  line  sharing.  How  can  you  be  for  eliminat¬ 
ing  UNEs  and  against  eliminating  line  sharing,  which  is  a  UNE?  Must  be 
a  Washington  thing. 

All  this  whining  is  premature.The  whole  debate  on  UNE  policy  hinges 
on  a  simple  issue:  Will  the  FCC,  in  the  published  order,  provide  sub¬ 
stantive  guidelines  for  determining  whether  the  lack  of  a  given  unbun¬ 
dled  element  will  cause  “impairment"  in  the  language  of  the 


An  industry  of  whiners 


Telecommunications  Act  of  1996?  If  it  provides  those  guidelines, 
there’s  every  reason  to  believe  that  the  courts  would  uphold  them, 
and  that  the  states’  role  in  setting  unbundling  policy  would  be 
reduced.  Suppose  the  FCC  gave  precise  formulas  on  how  much  com¬ 
petitive  access,  or  switching,  had  to  be  available  in  a  given  area  so  to 
free  the  incumbent  local  exchange  carrier  from  unbundling  there? 
Would  that  create  chaos  and  anarchy,  just  because  the  states  then 
filled  in  the  blanks  on  the  formula?  The  FCC  easily  could  publish 
guidelines  on  UNE  policy  that  would  have  the  effect  of  removing 
switching  in  all  the  major  metropolitan  areas. 

It’s  also  premature  to  assume  the  RBOCs  would  carry  out  their  threat 
to  stop  investing  in  the  network.  If  you  look  at  the  wording  of  their  com¬ 
ments,  they’re  saying  they  won’t  “increase  spending.”  Humbug!  They 
were  never  going  to  do  that  anyway  The  legacy  part  of  the  network  was 
doomed  to  low  ROl  by  falling  voice  prices,  so  that  part  was  going  to 
stagnate.  It’s  always  been  about  broadband,  which  the  RBOCs  need  to 
promote  to  revalidate  their  last-mile  technology,  the  only  thing  that 
gives  them  a  barrier  against  major  competitive  market  entry, 
unbundling  or  not. 

In  our  post-bubble,  war-on-the-horizon  world,  all  companies  want 
the  government  to  guarantee  they’ll  be  a  winner.  So  they  pay  lob¬ 
byists  to  push  their  viewpoints  to  regulators  whether  those  view¬ 
points  are  good  public  policy  or  not,  and  if  that  doesn’t  work,  they 
whine  about  how  badly  they’re  treated.  Enough  whining;  we  need 
to  work  with  this  decision  and  all  its  imperfections.  If  Powell  does¬ 
n’t  like  it,  he  can  quit.  If  the  RBOCs  don’t  want  to  invest,  let’s  bite  the 
bullet  and  break  them  up.  I’ve  never  favored  that  strategy,  but  if  the 
RBOCs  are  trying  to  hold  broadband  hostage  to  gain  repeal  of  the 
telecom  act,  it’s  time  to  forget  the  carrot  and  get  out  the  stick. 
WorldCom?  1  guess  they  always  can  go  Chapter  1 1  again,  if  they  sur¬ 
vive  their  current  filing. 

So  stop  whining,  everyone,  and  let’s  get  to  work! 

Nolle  is  president  of  CIMI  Corp.,  a  technology  assessment  firm  in 
Voorhees,  N.J.  He  can  be  reached  at  tnolle@cimicorp.com. 
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■  BY  SUZANNE  GASPAR 

A  freezing  rain  drenched  the  snow-banked  streets  of  Waltham,  Mass.,  as  the  technical 
operations  team  at  Aquent,  a  professional  services  company  arrived  at  its  data  center 
early  on  Saturday  Feb.  22,  prepared  for  a  moving  day  that  would  stretch  well  into  Sunday: 

This  second  phase  of  Aquent’s  data  center  consolidation  called  for  transporting  e-mail 
servers  from  its  Boston  headquarters  and  the  Waltham  site  to  the  collocation  space,  set¬ 
ting  them  up  and  making  sure  everything  worked  when  users  arrived  at  work  on  Monday. 
In  the  next  phase, Web  servers  will  be  moved,  and  in  the  final  phase,  an  IBM  AIX  applica¬ 
tion  server. 

The  first  order  of  business  for  Peter  Lincoln, Tom  Ashworth,  Kevin  Davies  and  Eric 
Czerwinski  was  to  back  up  the  12  servers  that  were  being  moved. 

After  months  of  planning,  the  real  work  began  Feb.  6,  when  the  tech  team  began 
preparing  the  collocation  space  for  the  incoming  servers.  During  the  next  two  weeks, 
the  team  put  in  analog  lines  and  aT-1  line, and  established  Internet,  frame  relay  and 
VPN  connections.  Next  came  routers  and  switches,  firewall  and  load-balancing  equip¬ 
ment,  plus  a  Dynamic  Host  Configuration  Protocol  server.  Routing  tables,  domain  con¬ 
trollers  and  account  databases  were  synchronized,  while  directory  services  and 
authentication  capabilities  were  extended  to  the  firm’s  global  offices. 

CIO  Larry  Bolick  describes  moving  to  a  leased  space 
as  a  “letting-go”  for  his  IT  team,  which  is  accustomed  to 
holding  a  tight  rein  on  its  information  systems  and  hav¬ 
ing  open  access  to  its  data  centers.  But  Aquent  out¬ 
grew  the  cooling  and  power  systems  at  its  Boston  facil- 
ities.so  IT  now  would  have  to  deal  with  tighter  security 
and  more  costly  amenities  at  the  new  collocation  cen¬ 
ter  in  nearby  Watertown. 

By  midmorning,  1 1  of  the  servers  were  backed  up, 
and  the  team  started  to  break  down  the  equipment 
and  pack  it  up  for  reassembly  in  the  racks  of  the  data 
center  cage.The  final  server  failed  its  backup  and 
required  a  job  restart  that  would  take  three  hours.  With 
the  restart  rolling,  the  four  staffers  loaded  servers,  rails, 
cables  and  tools  into  their  personal  vehicles,  and 
drove  gingerly  through  puddles  on  a  pot-holed  jour¬ 
ney  that  crawled  along  at  5  miles  per  hour  on  some  of 
the  narrow  streets. 

Who  are  you? 

The  procession  arrived  at  noon,  and  the  team  handed  over  photo  identification  to  the 
security  guard  in  exchange  for  the  cage  key  They  signed  in,  clipped  on  badges  and  pro¬ 
ceeded  one  by  one  through  the  “mantrap,”  a  glassed  security  enclosure  that  looked  like 
a  Star  Trek  transporter  room.  Finger  scans  and  a  floor  scale  authenticated  each  person’s 
prints  and  weight,  and  personal  access  codes  were  typed  into  a  reader  device. 

Once  cleared, video  cameras  recorded  the  staffs  progress, while  the  facility’s  opera¬ 
tions  manager  oversaw  the  foursome  as  they  unloaded  and  stacked  servers  and 
equipment  bins  at  the  loading  dock  onto  a  pallet  cart  and  dolly 

By  12:30  p.m.,they  were  rolling  through  a  long,  white  hallway  one  staffer  described  as 
reminiscent  of  the  movie  “Dead  Man  Walking.”  On  to  an  elevator  draped  with  moving 
pads,  then  to  the  8-by-12-foot  cage  space.The  carts  stopped  outside  a  sliding  gate  where 
five  black  steel  racks  stood  side  by  side,  centered  about  two  feet  inside  the  cage  fence.  A 
constant  flow  of  air  roared  overhead. 

There’s  a  level  of  trust  in  a  collocation  space  that  takes  getting  used  to,  Lincoln  says. 
He  says  you  have  to  get  beyond  the  fear  that  someone  could  reach  in  and  unplug 
something. “You  never  know  who  your  cage  mate  is,  and  it's  a  bit  unsettling  to  go 
home  at  night  and  not  worry  about  your  assets,”  he  says. 

Rack  and  roll 

Blue,  green, yellow  and  white  cables  adorned  the  Aquent  racks  that  house  previously 
installed  gear,  including  a  Bay  Networks  4000  Extranet  switch,  three  Cisco  3700  routers 
and  a  Sun  Ultra  10  tower  running  the  firewall  application. 

Two  new  1U  Dell  FbwerEdge  1650  servers  also  were  racked,  and  one  had  been  queu¬ 
ing  the  firm’s  e-mail  since  10:30  p.m.the  night  before.  At  the  bottom  of  each  rack,  power 
control  units  house  40  jacks,  while  Belkin  keyboard-video-mouse  (KVM)  switches  sit 
atop  the  three  middle  racks.Two  Dell  monitors  and  keyboards  occupy  the  second  and 
fourth  racks  midway  down. 

The  men  worked  in  teams  of  two,  hefting,  balancing  and  installing  the  servers 
according  to  the  schematic  pulled  from  Lincoln’s  case,  at  times  joking  about  the 
potential  for  scraping  their  heads  on  the  rails  that  protrude  from  the  racks. The  first 
and  only  injury  was  a  small  cut  to  Davies’  finger  from  a  sharp  rack  edge. 

The  servers  slid  easily  onto  rails  that  Czerwinski  had  placed  days  beforehand.  While 
some  rail  adjustments  were  required,  the  remaining  servers  were  measured  by  eye  for  the 
correct  rack  slot,  and  the  screws  were  placed  by  hand  and  drilled  with  a  cordless  tool 
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Figuring  out  the  rack  layout  took  several  iterations,  Bolick  says.  Server  placement  was 
'argely  dependent  on  which  servers  would  be  changed  most  often.“We  put  the  older 
servers  on  top.  We  didn’t  want  the  most  critical  servers  near  the  cage  door  to  be  at  risk 
of  bumping  into  them  every  time  you  walked  b>f  he  says. 

In  less  than  an  hour,  all  1 1  servers  fit  snugly  in  racks,  including  a  Loader  Express 
Library  Tape  System,  OptiPlex  Gx  1  servers,  Dell  PbwerEdge  servers  —  2300s,  a  2400,  a 
2450  and  even  the  7U-high  Del!  PowerEdge  6300,  which  proved  the  trickiest  lift-and-slide 
because  of  its  size  and  weight.  Plugging  his  laptop  into  a  LAN  connection,  Lincoln  fired 
up  pcAnywhere  to  check  the  status  of  the  back-up  job  on  the  remaining  Dell  6300  serv¬ 
er  in  Waltham,  and, satisfied,  he  rode  the  empty  cart  like  a  skateboard,  leading  the  team 
out  to  get  lunch  at  a  nearby  pizza  shop. 

Tangled  up  in  blue 

By  2:45  p.m.,  Davies  and  Czerwinski  passed  back  through  security  and  started  cabling- 
up  the  network,  power  and  KVM  connections  to  each  server,  while  Ashworth  and 
Lincoln  rode  back  to  Waltham  to  get  the  remaining  e-mail  server.  An  hour  later,  the  Dell 
6300  was  wheeled  to  the  cage  door,  and  with  rack  rails  screwed  in,  all  four  staffers  lifted 
and  slid  it  into  place. 

Like  a  surgeon  wielding  a  screwdriver  and  wire  cutters,  Ashworth  worked  at  removing 
a  screw  that  had  jammed  into  the  back  of  a  2300  box,  as  he  attempted  to  install  a  cable 
management  tray  that  wraps  cables  accordion-style  at  the  back  of  the  server. This  would 
provide  untangled  access  for  the  box  to  slide  in  and  out.  Before  long,  the  cable  tray  was 
scrapped  when  the  team  realized  that  there  weren’t  enough  available  screws  for  installa¬ 
tion.  However,  they  left  plenty  of  slack  cable  so  tray  units  could  be  added  at  a  later  date. 

The  team  continued  the  arduous  assembly  of  cable  connections:  Green  Ethernet  cables 
are  for  trusted  servers, yellow  for  the  demilitarized  zone  and  black  for  the  untrusted 
servers.  They  all  link  back  to  the  Cisco  switches  that  divide  the  network  into  zones. 

Blue  cables  connect  servers  to  the  routers  and  firewall.  Power  cords  are  plugged  into  the 
back  of  each  server,  with  staffers  weaving  the  cords  down  under  the  bottom-most  server  to 
plug  into  the  power  unit  at  the  base  of  each  rack.  In  some  instances,  a  two-foot  step  stool 
was  needed  to  weave  server  cables  up  through  racks  to  reach  the  KVM  switch,  or  over  the 
tops  of  racks  to  wind  cables  down  for  plugging  into  the  monitor  and  keyboard. 

As  the  untangling,  plugging  and  weaving  progressed,  Davies  used  a  label  maker  to  tag 
the  front  and  rear  of  each  server,  its  cables  and  corresponding  switch  ports. The  cable 
work  wound  down  and  the  final  connections  on  a  6300  occurred  at  about  7:30  p.m. 
Lincoln  added  the  final  touches,  tucking  all  the  cables  uniformly  into  the  grooves  of  the 
rack  casings.“Working  with  cables  is  the  hardest  part.You  have  to  take  the  time  to  do  it 
right  because  you  only  have  the  system  down  once,”  he  says. 

We  are  the  champions 

Two  hours  before  the  cable  work  was  complete,  Davies  fired  up  the  KVM  switch,  moni¬ 
tor  and  keyboard,  and  proceeded  to  telnet  into  the  Cisco  switches,  assigning  ports  to 
ensure  that  traffic  would  get  routed  to  the  correct  virtual  LAN.  Likewise,  Ashworth  used 
the  second  monitor  and  keyboard  to  configure  TCP/IP  ports. 

Once  the  configurations  were  set,  power  was  turned  on  and  network  connections 
were  tested,  beginning  with  the  IRIS/Chat  server  that  runs  the  Intranet  and  Help  Desk 
collaboration  software.Then  they  powered  up  the  e-mail  servers,  one  at  a  time. 

Pbwering  up  is  tricky,  Czerwinski  says.  It  needs  to  be  sequential  because  the  servers 
have  been  running  in  a  steady  state  for  two  years,  and  there’s  no  way  to  know  ahead  of 
time  if  memory  has  been  corrupted  or  if  something  was  jarred  during  the  move.  In  case 
of  a  server  failure,  available  hardware  would  be  brought  in  from  Waltham  and  the  hard 
drives  swapped  out.  If  the  operation  system  failed,  the  team  would  back  up  the  software 
from  tapes  stored  in  the  cage. 

At  8  p.m.,  the  power  on  the  second-to-last  server  was  tested,  but  soon  the  team  realized 
they’d  forgotten  to  plug  in  the  KVM  cables  —  fortunately  an  easy  fix.  Minutes  later,  the  last 
e-mail  server  was  booted  up. The  team  was  tired,  but  satisfied  that  it  was  making  good 
progress. 

Soon  a  tracer  showed  packets  were  being  dropped  on  a  firewall  port,  meaning  one 
server  wasn’t  properly  translating  with  the  firewall, so  Davies  checked  to  make  sure  the 
firewall  was  set  up  properly.  Another  problem  was  quickly  fixed  as  the  team  figured  out 
that  one  of  the  new  KVM  switches  had  a  nonworking  port;  the  connection  was  switched 
to  another,  and  the  bad  port  was  tagged. 

By  8:45  p.m.,  all  the  servers  had  been  tested,  the  hardware  was  operating,  the  IP  con¬ 
nections  were  good,  and  the  operating  system  was  up  and  running. They  gathered 
around  to  watch  Czerwinski  do  his  magic:The  plan  was  to  bring  the  Exchange  server 
databases  up,  and  once  that  happened,  they  would  know  that  e-mail  could  be  delivered. 
Avoiding  potholes  on  the  drive  over  wasn’t  nearly  as  stressful  as  waiting  to  see  if  all  the 
databases  came  up,  Lincoln  says. 

The  staff  breathed  a  sigh  of  relief  at  9:18  p.m.,  when  Czerwinski  patted  the  last  server 
affectionately  —  the  one  that  always  acted  up  when  he  was  on  vacation  —  and 
announced  that  all  the  databases  were  functional.  Next  came  a  dinner  break,  but  the 

day  was  far  from  over. 

The  foursome  continued  to  load  back-up  clients  and  software  on  the  servers  until  the 

wee  hours  of  the  morning. 

By  2  a.m.,all  of  the  e-mail  servers  were  up  and  2G  bytes  of  data  began  flowing  to  indi¬ 
vidual  mailboxes  at  Aquent  sites  around  the  world.  ■ 


7:30  a.i  Pack  up  servers  in  Boston  and  Waltham 


11  a.m.:  Drive  to  Watertown  collocation  facility. 


Noon:  Begin  unloading  servers 


1:30  p.m.:  11  servers  are  installed.  Lunch  break 


Cabling  begins 
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Reader  spots  security  flaw  in  software,  raising  issue  of  effectiveness  of  vendor  bulletins. 


■  BY  MANDY  ANDRESS,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

An  alert  reader  recently  notified  us  about  a  potentially  serious  security 
vulnerability  in  Oracle’s  Internet  Application  Server,  in  which  any  default 
installation  of  a  PL/SQL  gateway  leaves  the  system  open  to  attack. 


PL/SQL  procedures  are  pieces  of  code  stored  in 
the  database  that  can  be  executed  multiple  times. 
Many  of  these  procedures  are  very  powerful,  pro¬ 
viding  the  ability  to  view,  create,  modify  and  delete 
data  and  many  database  components,  such  as 
tables.  These  procedures  can  be  accessed  through 
a  Web  browser,  so  anyone  on  the  Internet  could 
execute  SQL  commands  if  they  had  the  access  in 
the  database  to  run  these  procedures. 

Matt  Scheetz,  a  database  analyst  for  the  city  of 
Fort  Collins,  Colo.,  argues  that  anyone  with  a  brows¬ 
er  and  some  SQL  command  knowledge  easily  could 
read  the  contents  of  an  entire  table,  create  new 
stored  procedures,  create  tables  and  insert  data 
into  a  database,  using  SQL  commands  through  a 
Web  browser. 

Network  World  investigated  Scheetz’s  claims  and 
verified  that  the  vulnerability  exists.  Using  a  default 
installation  of  Oracle  9i  on  Windows  2000,  we  ran  a 
series  of  tests  against  the  database  by  accessing  it 
through  a  Web  server/Oracle  application  server 
front  end.  We  first  created  an  HTTP  request  calling 
the  owa_util  stored  procedure,  a  function  that  pro¬ 
vides  the  ability  to  read  the  data  in  the  database. 

By  making  this  request,  we  could  read  all  the  data 
stored  in  the  database. 

Next,  we  used  the  dbms_utility  function  to  create 
our  own  stored  procedure,  which  gives  us  the  abili¬ 
ty  to  create  tables,  add  data  to  tables  and  delete 
data  from  tables.  We  could  do  this  by  entering  an 
HTTP  request  containing  SQL  commands  in  a  Web 
browser  —  a  very  simple  process. 

Scheetz  performed  some  testing  of  his  own  and 
discovered  more  than  120  sites  vulnerable  to  these 
attacks.  He  contacted  several  of  the  sites,  informing 
them  about  their  vulnerability  and  explained  how 
to  properly  secure  their  installations. 

For  its  part,  Oracle  is  aware  of  the  vulnerability 
and  first  discussed  it  in  a  security  bulletin  released 
in  February  2002,  which  was  revised  July  5.  The 
company  recently  announced  it  would  fix  the  poten¬ 
tial  problem  in  the  next  version  of  Oracle  91 
Application  Server,  due  out  this  spring. 

But  Scheetz  says  that  the  security  bulletins  come 
up  short  because  they  do  not  explicitly  tell  data¬ 
base  administrators  that  the  vulnerability  exists  not 
in  an  improperly  configured  database,  but  in  a  data¬ 
base  running  the  default  settings. 

The  issue  of  security  bulletins  is  an  important  one 
that  affects  customers  of  all  the  major  vendors.  To 
get  some  idea  of  the  scope  of  the  overall  problem  of 
security  vulnerabilities,  a  total  of  1,341  vulnerabili- 
^ ' 


ties  were  announced  in  2002,  including  488  in  the 
last  three  months  of  the  year,  according  to  the  1CAT 
security  vulnerability  metabase  (icat.nist.gov). 

Some  industry  security  experts  agree  with 
Scheetz  that  Oracle’s  bulletin  should  have  said 
more  than  it  did  from  the  get-go.  “The  way  I  read 
[the  bulletin]  is  that  if  I  didn’t  do  something,  then 
I’m  OK,”  says  Joel  Snyder,  a  member  of  Network 
World’s  Global  Test  Alliance  and  senior  partner  at 
Opus  One.  But  that  is  not  the  case.  If  you  did  noth¬ 
ing,  you  would  be  vulnerable. 

Derek  Cheng,  senior  consultant  at  Deloitte  & 
Touche,  adds  that  Oracle  “should  use  the  word 
‘default’  configuration”  in  the  bulletin,  specifically 
stating  that  an  “out-of-the-box”  installation  will 
leave  you  vulnerable. 

On  the  other  hand,  Mark  Edmead,  president  of 
MTE  Software,  a  security  service  provider,  does 
not  take  any  real  issue  with  the  security  bulletin. 
He  says  Oracle  is  assuming  that  it  is  the  database 
administrator’s  responsibility  to  implement 
security. 

Devilish  details 

Just  how  detailed  a  security  bulletin  should  be 
is  a  subject  for  debate  in  security  circles.  Swne  bul- 


How  to  stay  on  top  of  security  news 

Be  vigilant 

Monitor  vendor  and  other  security-related  mailing  lists. 
Keep  up  with  new  attack  methods. 

Maintain  strong  procedures 

Create  testing  procedures  for  new  patches. 

Outline  how  new  patches  are  deployed  to  affected 
systems. 

Do  continuous  testing/auditing 

Perform  periodic  security  assessments  to  ensure  all 
necessary  patches  have  been  applied  to  your  systems. 

Use  system  audits  to  maintain  an  up-to-date  system 
inventory. 


Hire  knowledgeable  personnel 

Understand  your  environment  in  order  to  know  which 
bulletins  apply  to  you  and  how  your  systems  are  affected. 

Understand  malicious  attack  methodologies  and  how 
to  best  defend  against  them. 


letins,  such  as  the  Macromedia  JRUN  bulletin  eEye 
Security  issued  in  mid-November  (www.nwfusion 
.com,  DocFinder:  4523)  included  sample  exploit 
code,  but  most  researchers  avoid  including  actual 
code  because  it  might  give  hackers  too  much 
information. 

Other  vulnerability  announcements  go  to  the 
other  extreme,  including  almost  no  useful  informa¬ 
tion  and  making  it  difficult  to  even  identify  if  you 
are  vulnerable. 

In  the  case  of  the  Oracle  vulnerability,  the  security 
bulletin  (DocFinders:  4524  and  4525)  discusses  a 
vulnerability  that  exists  if  public  access  is  granted 
to  powerful  PL/SQL  procedures. 

The  Oracle  bulletin  goes  on  to  say  this  vulnerabili¬ 
ty  can  be  avoided  by  “customers  who  have  granted 
public  access  to  PL/SQL  procedures”  in  two  ways: 
by  revoking  public  access  granted  to  OWA,  SYS  and 
DBMS  procedures  or  by  disabling  access  to  URLs 
that  match  criteria  that  would  be  used  to  exploit 
these  procedures. 

What  the  bulletin  does  not  say  is  that  these  proce¬ 
dures  are  granted  public  access  by  default,  so  any 
default  installation  of  the  PL/SQL  gateway  (includ¬ 
ing  Oracle  Application  Server,  WebDB/Portal  listen¬ 
er  and  iAS)  is  vulnerable. 

According  to  Mary  Ann  Davidson,  chief  security 
officer  at  Oracle,  Oracle  9i  Application  Server 
(Release  2  Version  9.0.4),  scheduled  to  be  released 
this  spring,  will  block  access  to  procedures  such  as 
OWA  and  SYS  by  default.  Oracle  also  recently 
released  a  security  checklist  for  Oracle  Application 
Server,  available  at  DocFinder:  4526,  which  includes 
a  discussion  on  protecting  PL/SQL  procedures. 

Shared  responsibility 

This  case  points  to  the  fact  that  both  vendors  and 
network  administrators  share  responsibility  for 
security.  Vendors  have  a  responsibility  to  disclose 
known  security  issues  with  their  products  and  pro¬ 
vide  patches,  hotfixes  or  configuration  changes  to 
remove  the  identified  issue  in  a  timely  fashion. 
Administrators  also  need  to  keep  up  with  the  latest 
security  bulletins  and  to  understand  the  effect  that 
vulnerabilities  might  have  on  their  systems,  net¬ 
works  and  organization. 

The  security  community  has  worked  to  develop 
standards  and  best  practices  to  help  network  pro¬ 
fessionals  reach  these  security  goals. 

SANS  and  the  Center  for  Internet  Security  have 
created  checklists  and  benchmarks  to  help  adminis¬ 
trators  better  understand  security  and  how  it 
should  be  implemented  to  gain  the  maximum  level 
of  effectiveness. 

Andress  is  president  of  ArcSec  Technologies ,  a  sere 
rity  company  focusing  on  product  reviews  and  analy¬ 
sis.  She  can  be  reached  at  mandy@arcsec.com. 
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Making  informed  decisions 

Reports  from  IT  analysis  firms  help  executives  select  technology  and  plan  strategy. 


Information  gatherers 

Here  are  some  of  the  leading  IT  research  firms’  specialties. 


Company 

Web  site 

Analysts 

Differentiators 

AMR  Research 

www.amrresearch.com 

60 

Strongest  vertical  research  (especially  in  manufactur¬ 
ing  retail);  analysts  organized  by  strengths,  not 
coverage;  only  formalized  contract  negotiation  service. 

Forrester  Research 

www.forrester.com 

122 

30,000-foot  view;  high-level  strategic  Internet  and 
e-commerce  advice  and  forecasting;  most  quoted  firm. 

Gartner 

www.gartner.com 

650 

The  classic  "800-pound  gorilla";  the  industry  brand 
name;  the  firm  with  the  greatest  political  clout. 

Giga  Information 
Group 

www.gigaweb.com 

80 

The  original  single-service  model;  highly  flexible 
contracting  options;  state-of-the-art  research  platform. 

IDG 

www.idcresearch.com 

700 

Blue-chip  provider  of  pure  market  research;  largest 
and  oldest  source  of  quantitative,  IT  market  data. 

Meta  Group 

www.metagroup.com 

200 

High-touch  consultative  model;  client/analyst  ratio 
strictly  monitored;  analysts  initiate  dialogue  with  clients. 

SOURCE:  OUTSELL.  INC.,  "WATCHING  THE  IT  WATCHERS:  IT  RESEARCH  FIRMS  2002."  SEPTEMBER  2002 


■  BY  SUZANNE  GASPAR 

The  rise  in  commodity  information  and 
drop  in  IT  spending  has  ignited  a  change 
in  how  firms  deliver  research  to  best  meet 
customer  needs.  In  a  strained  economy,  IT 
often  requires  better  access  to  consulting 
and  to  a  detailed  view. 

As  companies  look  for  ways  to  squeeze  more  out  of 
their  IT  investment,  they’re  tapping  research  from 
Forrester  Research,  Gartner  and  other  advisory  services 
to  help  them  place  educated  bets  on  vendor  selection, 
acquisition  and  deployment.  IT  analysis  can  help  IT 
executives  build  a  business  case  around  a  technology 
and  benchmark  IT  efforts  against  industry  peers. 

Hilton  Hotels  is  spending  more  than  $100,000  for 
Forrester  services  this  year,  more  than  $25,000  for  Giga 
Information  Group  services  and  $8,000  for  Norex  Online 
IT  peer  subscription  to  shared  experience  and  strategy 

Forrester  is  helping  Hilton  CIO  Tim  Harvey  formulate 
a  strategy  for  increasing  online  revenue  from  cus¬ 
tomers  who  previously  booked  rooms  through  Hilton’s 
call  centers.  Harvey  says  insight  into  what  online  travel 
services  are  used,  and  what  percentage  of  business 
has  shifted  to  travel  sites  such  as  Priceline  and 
Expedia,  helps  IT  determine  how  to  lure  customers  to 
www.hilton.com. 

With  Forrester  forecasting  total  online  U.S.  travel  pur¬ 
chases  to  increase  from  an  estimated  $29  billion  this 
year  to  $35  billion  in  2004,  IT  is  gearing  up  to  position 
the  Memphis, Tenn.,  hotel  chain  for  growth.  Reservation 
system  changes  now  ensure  that  honor  points  are 
assigned  to  customers  who  book  rooms  through  Hilton’s 
Web  site. The  company  also  is  evaluating  the  potential 
for  guaranteeing  those  customers  the  lowest  room  rates, 
a  strategy  that  would  require  IT  to  integrate  applications 
for  managing  rates  across  all  distribution  channels.The 
research  from  Forrester  predicted  those  were  the  kinds 
of  changes  we  needed  to  make,”  Harvey  says. 

Four  years  worth  of  Giga  research  has  led  Hilton  to 
select  frame  relay  for  the  WAN,  EMC  for  storage,  and 
replace  phone  lines  in  hotel  rooms  with  high-speed 
internet  access,  he  says. 

Anthea  Stratigos.CEO  of  Outsell,  a 
content  analysis  firm  in  Burlingame, 

Calif., says  analysts  typically  generate 
baseline  research  that’s  valuable  to 
people  who  crave  technology  trends, 
pricing  and  performance  metrics. 

Users  need  to  validate  their  thinking 


with  the  credibility  that  comes  from  an  independent 
viewpoint,  she  says. 

Historically,  firms  have  varying  methods  of  delivering 
research,  typically  forcing  users  to  seek  out  consultation 
and  weed  through  silos  of  topics.  Customers  want  more 
flexibility  in  accessing  syndicated  reports  and  advisory 
relationships,  Stratigos  says. 

IT  analysis  firms  are  weathering  tough  times  them¬ 
selves,  and  Outsell  reports  it  suffered  an  aggregate  5.8% 
drop  in  analyst  revenue  in  2002.  Some  well-positioned 
firms  are  filling  their  portfolio  gaps  with  acquisitions. 
For  example,  Forrester  bought  Giga,  a  group  that  has 
always  kept  an  open  door  to  consultant  services.  Other 
firms  with  a  largely  dot-com  client  base  such  as  Jupiter 
Research  saw  revenue  whittled  back. 

Tough  times  breed  tactical  needs,  and  firms  are 
unbundling  content  for  customers  who  won’t  buy  the  fire 
hose  but  will  buy  the  drink.“They  want  to  know  about 
this  specific  issue,  about  me,  now  today?’ Stratigos  says. 

Chris  Morgan,  senior  IT  staff  member  for  Sandia 
National  Labs  in  Albuquerque,  N.M.,  has  noticed  the 
increased  visibility  of  research  firms  in  the  past  two 
years.’A  year  ago,  I’d  never  even  heard  of  Burton  Group,” 
she  says.The  research  that  closely 
matched  specific  projects  in  progress 
proved  vital  to  the  IT  department, 
which  also  has  added  a  Meta  Group 
subscription  and  has  long  been  a 
Gartner  customer. 

Analysts  share  a  consumer  advocate 
role,  evaluating  technology  that’s 


emerging  or  fading  away,  but  Morgan  sees  differences  in 
the  research  focus  of  the  firms.  Burton  defines  how 
products  fit  in  the  market,  how  they  work  in  specific 
parameters,  and  how  clients  can  learn  lessons  from  pre¬ 
vious  installations. 

While  Sandia  National  Labs  only  recently  began  using 
Meta  research,  Morgan  sees  its  focus  qs  similar  to 
Burton’s.  However,  Gartner  is  all  about  making  the  case 
for  technology.’The  return  on  investment... the  bal¬ 
anced  score  card  that  looks  at  money,  satisfaction,  and 
effectiveness  of  internal  processes... it’s  a  business  point 
of  view;”  Morgan  says. 

Harry  Roberts,  senior  vice  president  and  CIO  for 
Boscov’s  Department  Stores  in  Reading,  Pa.,  says 
Gartner’s  Total  Cost  of  Ownership  reports  add  bite  to  the 
business  case  he  makes  to  the  CFO.“lt’s  not  easy  to  mea¬ 
sure  return  on  investment,”  he  says.“Those  performance 
measures  show  a  payback  for  the  business.” 

Yet  Roberts  watches  his  wallet  and  doesn’t  subscribe 
to  any  of  the  major  IT  analysis  services.  He  values 
reports  from  Gartner  and  AMR  Research,  yet  won’t  pay 
thousands  of  dollars  for  information  that  eventually 
trickles  down.  He  has  a  subscription  to  Retail  Systems 
Alert,  a  monthly  newsletter,  and  scours  publications, 
conferences,  and  the  Web  for  retail  topics  such  as  mark¬ 
down  optimization  software  and  radio  frequency  identi¬ 
fication  chips. 

There’s  so  much  information  on  the  Internet,  and  with 
certain  parts  of  the  industry  under  suspicion.  Outsell 
sees  more  discernment. “People  realize  they  have  to  vet 
what  they’re  going  to  consume,”  Stratigos  says.  ■ 
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On-Command  Power  Switching  for  your 
Network  Equipment***  from  Anywhere! 


Applications: 

Remote  Power  Management 
X  Servers 

X  Routers  Firewalls  DSU/CSU's 
X  Web  Cams 

Turn  On/Off  any  AC  or  -48VDC 
Powered  equipment  via  telnet, 
modem  or  local  terminal. 

Electronic  equipment  sometimes  "locks- 
up"  requiring  a  service  call  just  to  flip 
the  power  switch  to  do  a  simple  reboot. 
With  WTI  Remote  Power  Switches  you 
have  the  ability  to  perform  this  function 
from  anywhere  on  the  LAN/  WAN,  or  if 
the  network  is  down,  to  simply  dial-in 
from  a  modem  for  out-of-band  control. 

For  over  a  decade  WTI  has  been 
leading  the  way  in  Remote  Power 
Switching  technology  offering  more 
products  choices  for  small  or  large  scale 
remote  management  strategies. 

Our  switches  are  now  installed  in 
thousands  of  sites  world  wide.  Our 
customers  know  they  can  depend  on 
our  superior  quality  and  reliability  for 
their  most  mission-critical  operations. 

Yes,  we  are  customer  friendly! 

X  Two  year  warranty 
X  We  stock  for  same  day  shipment 
X  30  day  return  policy 
X  Start-up  cables  and  rack  ears  included 

Want  an  on-line  demo? 

Just  call  or  e-mail  and  you'll  see  for 
yourself  why  so  many  network 
professionals  choose  WTI. 


EIGHT  PLUG  -  DUAL  BUS 


©  Dual  15  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  User  plus  Admin  Security  Features 
©  115VAC  and  230VAC  Models 


TWO  PLUGS  -  LOW  COST 


©  Two  Addressable  Plugs 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  115VAC  and  230VAC  Models 
©  Manual  on/off  Buttons 


HIGH  CURRENT  -  DUAL  BUS 


NPS-2HD 


©  Ideal  for  CISCO  6500/7500 
©  Dual  20  Amp,  115VAC  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 


DUAL  BUS  -48VDC 


©  Dual  -48VDC,  40  Amp  Circuits 
©  Telnet,  lOBaseT  Ethernet 
©  RS232  Console  and  Modem  Ports 
©  On/Off/Reboot  Switching 


CODE  ACTIVATED  - 
EXPANDABLE 


FIVE  CIRCUIT 
-48VDC  POWER  BAR 


RPS-10 


RPB+DC30 


©  Single  10  Amp  Circuits 

©  Expandable  to  10  Individually 
Switched  Plugs 

©  RS232  Control  Port 


©  Five  Individually 
Switched  Circuits 

©  Switch  -48VDC,  12  Amps 
each  Circuit,  30  Amps  Total 

©  Also  Available  in  115VAC 
and  230VAC  Models 


www.wti.com 


(800)  854-7226 
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Keeping  the  Net.. .Working! 


CONTROL  KEYBOARD,  VIDEO  AND  MOUSE  REGARDLESS  OF  LOCATION 

With  the  Kaveman  networking  device,  you  can  remotely  control  servers,  either  over 
the  Internet  or  a  local  network,  down  to  the  BIOS  level. 


AUTOMATICALLY  MONITOR  SERVER  ACTIVITY 

Kaveman  automatically  monitors  critical  server  vitals  such  as  power,  video,  and 
keyboard  response;  it  alerts  you  to  crashes  and  enables  you  to  quickly  respond  to 
problems. 


H  &  1/  e  m  a  n 

COMPLETE  KVM  CONTROL  VIA  TCP/IP 


ACCESS  SERVERS  USING  A  WEB  BROWSER  OR  VNC 

All  you  need  to  operate  Kaveman  is  a  web  browser  or  VNC  on  the  remote  client.  No 
additional  software  is  required.  And  no  software/users  licenses  help  keep  your  costs 
down. 

REMOTELY  CONTROL  POWER 

Through  the  user-friendly  Kaveman  GUI,  you  can  control  the  power  of  up  to  eight 
devices. 


mum 


Remote  Client 


H  0  is  e  m  a  n 


Servers 


Available  in  single  and  eight  channel  versions  www.digitalv6.com  Resellers  and  Distributors  welcome 
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Your  network  costs  a  fortune... 


NEW 

LOWER 

PRICES! 


•••protecting  it  doesn't  have  to. 


72"  Workstation 

$799 

Stk.  #  C95033 


v  board  atawe 


oaro'eiv 


GLOBAL 


Global  LAN  Furniture 

f>rotects  your  equipment 
or  a  lot  less  money. 

Our  heavy-duty  LAN  Furniture  is  built  to  last  with 
steel-reinforced,  triple-leg  support  and  lateral 
braces.  Built-in  cable  management  system  hides 
unsightly  wires  and  organizes  and  separates 
cables.  Deep  30"  work  surface,  adjustable  shelves 
and  sturdy  server  shelf  allow  for  easy  integration  of 
all  your  network  equipment,  providing  a  complete 
storage  solution.  Our  96",  72",  48"  and  24"  wide 
units  combine  with  additional  shelves,  keyboard 
drawers  and  casters  for  unmatched  flexibility  to 
meet  your  changing  needs. 


SAVE  A  TON  OF  MONEY 
ON  YOUR  NEXT 
MEDIA  PURCHASE!  « 
Check  out  our  prices  today! 


24"  Server  Station 

#  C23955 


$d.E99 

Wm 

CALL  1  -8QO-8-GLOBAL 


299 


Stk 


\ 


COMPUTER  a  Systemax 


company 


or  visit  us  online  for  the  LAN  solution  that  is  right  for  you. 

www.globalcomputer.com/go/mag/lan 
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New!  APC  solves  top  4  rack  problems 


TOP  FOUR  RACK-BASED  PROBLEMS 


I 

PROBLEM 

SOLUTION 

pr 

Cabling 

Additional  enclosure  depth  for  better 

i  • 

Nightmares 

cable  management  and  power  distribution 

9 

Mot  Qnnfc 

Optimal  cooling  distribution  and  heat 

L 

not  opuib 

exhaust  for  rack  environments 

D 

Blown  Circuit 

Monitoring  of  power  and  environment  at 

J 

Breakers 

rack  helps  avoid  downtime 

A 

Brand 

Vendor-neutral  mounting  backed  up  by 

4 

Incompatibility 

"Fits  like  a  Glove"*  money-back  guarantee 

"Fits  Like  a  Glove"  guarantees 
that  all  brands  of  EIA-310-D 
compliant  equipment  fit  inside. 


Benefit  today  from  optimal  cable  management, 
effective  cooling,  and  remote  power  distribution. 
The  NetShelter®  VX  rack  enclosure  supports  your 
entire  data  environment,  including  servers,  net¬ 
working  and  communications,  and  storage  devices. 


With  a  full  range  of  compatible  APC  components, 
you  can  customize  a  solution  to  fit  current  avail¬ 
ability  needs,  and  build  upon  this  foundation  as 
future  requirements  change.  Why  wait?  To  find  out 
more  today,  visit  us  online  at  www.apc.com. 


MetShelter®VX  Enclosures  <x -pfrufif m 


Next  generation,  high-quality  enclosures 

•  Fully  ventilated  front  and  rear  doors  with  enhanced  ventilation  pattern  maximize  airflow 

•  Overhead,  base  and  side  cable  access  provides  easy,  integrated  cable  management 

•  Rear  Cabling  Channel  (42"deep  versions  only)  allows  for  easy  installation, 
access  and  serviceability  of  both  data  cables  and  power  distribution 

•  Available  in  multiple  configurations:  35.5"  deep,  42"  deep,  beige  or  black 

NetShelter®  Open  Frame  Racks  ix-rFKTifir-m  [4  pnstnniyi 


Economical  solutions  for  wiring  closets  and  networking  applications 

•  Designed  to  accommodate  networking  devices  such  as  hubs,  routers  and  switches 

•  Industry  standard  7'  high  design  provides  45U  of  equipment  mounting  space 

•  Self-squaring  design  allows  one-person  assembly 

•  Made  of  high-strength  6061 -T6  structural-grade  aluminum 

Air  Distribution  Unit  (ADU)  (X-CFRTIFIFm 

2U  rack-mounted  fan  unit  distributes  cool  air  to  rack  enclosure  equipment. 

.  For  racks  up  to  3kW  of  power  consumption  on  raised  floors 
.  Adds  30%  efficiency  air  filtration  to  supply  air  for  equipment  intake 
.  Delivers  equalized  airflow  from  the  bottom  to  the  top  of  the  rack  enclosure  with  dual  fans 

•  Adjustable  depth  to  fit  most  leading  enclosures 

Air  Removal  Unit  (ARU)  tx -certified) 

Heat  removal  for  enclosures  in  IT  rooms  and  data  center  hot  spots 

.  Enables  up  to  7.5kW  of  power  consumption  in  a  rack,  without  taking  up  U  space 
.  Automatic  fan  speed  adjustment  leads  to  greater  energy  efficiency 
.  Dual-power  input  cords  allow  the  unit  to  attach  to  redundant  power  sources 

•  Ducting  kit  to  drop  ceiling  plenum  allows  higher  temperature  from  equipment  exhaust 
to  be  delivered  directly  to  A/C  return  stream 


Power  Distribution  Units  (x-llbijeied.) 

Distribute,  monitor,  and  remotely  control  power  in  rack  enclosures 

•  Basic:  Vertically  and  horizontally  mounting  with  a  range  of  amps 
and  voltages 

•  Metered:  Ability  to  monitor  the  current  draw  and  set  alarm  thresh 
olds  that  when  exceeded,  provide  both  visual  and  audible  alarms 

•  MasterSwitch®:  Advanced,  remote  power  distribution  and 
control.  User  configurable.  Users  can  configure  the  sequence  in 
which  power  is  provided  to  individual  receptacles  upon  start  up 


.  ... 


Environmental  Monitoring  Unit  !  ;  r;  _ _ 

Monitors  environmental  conditions  in  racks  and  rooms  ^ 

-v; 

•  Sensors  continuously  monitor  the  temperature  and  humidity  of  environment 

•  Four  user-definable  external  inputs  allow  use  with  sensors  for  fire, 
water,  smoke,  unauthorized  entry  and  physical  security 

•  Communicates  information  in  a  variety  of  formats  to  ensure  that  your  application  is  supported 


\. 


LCD  Monitors  ix-ccrtifiedi 


Rack-mount  LCD  monitors  save  space  in  IT  environments 

•  Provides  optimal  functionality  while  utilizing  only  1U  (1.75")  of  rack  space 


FREE  APC  Rack  Power  Distribution 
Unit  for  the  first  100  entrants! 


Get  yours  today!  Visit  http://promo.apc.com  Key  Code  j594y  •  Call  888-289-APCC  x6523  •  Fax  401-788-2797 

©2003  American  Power  Conversion  Corporation.  All  Trademarks  are  the  property  of  their  owners  •  E-mail:  esupport@apcc.com  •  132  Fairgrounds  Road,  West  Kingston,  Rl  02892  USA  •  APC103EF-US 
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Is  rack  space 

at  a  premium? 


The  RackView™  Advantage... 

The  RackView  offers  the  latest,  most  efficient  way  to  control  server  rooms  or  multiple  computers  and 
reduce  rack  space  consumption.  RackView  is  a  1 U  or  2U  rack  mountable  KVM  console  drawer  with 
optional  built-in  KVM  switch.  This  easy-glide,  KVM  console  drawer  contains  an  LCD  video  monitor, 
PS/2  tactile  keyboard  and  high  resolution  trackball. 


RackView™  15",  17',  or  19’ 

Rack  mount  flat  panel  monitor, 
keyboard,  and  trackball  with 
optional  integrated  KVM  switch 


RackView™ 
fold-back  design 

♦  15”,  17”,  or  19”  TFT/LCD  monitor 

♦  Keyboard  has  gold-plated  key 
switches  with  lifetime  of 
20,000,000  key  presses 

♦  High  resolution  trackball 

♦  15"  up  to  1024  x  768  resolution 

♦  17”  and  19"  up  to  1280  x  1024 
resolution 

♦  Optional  integrated  KVM  switch 


When  you  need  to  use  it,  just  slide  it  out  and  tilt  the  LCD  panel  up.  It's  especially  convenient  when  you 
have  to  access  computers  that  are  installed  in  racks  nearby.  When  you  are  finished  using  it,  simply 
slide  it  back  into  the  rack  and  the  front  panel  conceals  the  unit. 

You  have  a  choice  of  LCD  panel  sizes  If  you  are  doing  occasional  server  work,  then  perhaps  the  1 5" 
model  is  the  one  best  suited.  For  higher  resolution  applications  or  extended  use,  the  1 7"  and  1 9" 
models  will  improve  your  productivity. 

For  the  ultimate  in  server  access,  the  RackView  single  or  multiple  user  switch  option  offers  a  choice  of 
several  KVM  switches  to  allow  one,  two  or  four  users  access  to  their  servers.  The  switch  and 
drawer  can  fit  into  1 U  of  space  for  maximum  space  savings. 


RackView™ 
fold-forward  design 

♦  Minimum  rack  depth  requirement 

♦  1 5”  or  1 7"  TFT/LCD  monitor 

♦  Keyboard  has  gold-plated  key 
switches  with  lifetime  of 
20,000,000  key  presses 

♦  High  resolution  trackball 

♦  15”  up  to  1024  x  768  resolution 

♦  17”  up  to  1280  x  1024  resolution 

♦  Optional  integrated  KVM  switch 


rack 


RackView™  15”,  17”,  19” 
Monitor  Only 

♦  Fold  back  design 

♦  15",  17",  or  19"  TFT/LCD  monitor 

♦  15"  up  to  1024  x  768  resolution 

♦  17"  and  19”  up  to  1280  x  1024 
resolution 

♦  Front  panel  conceals  unit  when 
not  in  use 


Rack  mountable 
keyboard  only 

♦  Easy-glide  design  fits 
in  1 U  space 

♦  Keyboard  uses  gold-plated 
key  switches  with  lifetime  of 
20,000,000  key  presses 

♦  18  mm  key  spacing  for  typing 
in  comfort 

♦  High  resolution  trackball 


USA  toll  free  800  333  9343 
ROSE  US  281  933  7673 
ROSE  Europe  +44  (0)  1264  850574 
ROSE  Asia  +65  6559  3750 

WWW.ROSE.COM 


Rose  Electronics  ■  10707  Stancliff  Road  ■  Houston,  Texas  77099 


ELECTRONICS 


There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


OBSERVER 


OBSERVER 


Quickly  Pinpoint,  Pre>solve  & 
Prevent  Network  Problems 


.  *995 


Expert  Observer 

Observer  Suite 

m95  * 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


-  Windows ®  98/Me/NT/2000/XP  compatible 
'  Over  4,000  frame  types  recognized 


Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 


Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 


If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952  )  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  *44  (0)  1959  569880  •  Fax  *44  (0)  1959  569881 


INSTRUMENTS 


©2002  Network  Instruments,  LLC.  Observer,  “Network  Instruments"  and  the  “N  with  a  dot”  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 


Firewall 


Experience  Counts.  Since  1 994  GTA  has  been 
building  solid,  dependable  firewall  systems.  For 
the  past  8  years  our  line  of  firewall  products 
have  met  the  demands  of  small  to  medium  sized 
businesses  worldwide.  All  GTA  firewall  products 
carry  the  ICSA  4.0  Corporate  Firewall  Certification 
To  learn  more  about  our  family  of  firewalls  visit 
our  website  or  contact  a  GTA  channel  partn  u 


Global  1 
Technology 


Associates,  Inc. N 

1-800-775-4GTA  •  www.gta.com  •  info@gta.com 
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The  Hub  of  the  Network  Buy 


RMONS  PR 


MORE  REASONS  TO  CALL  MOVINCOOL. 
#1  IN  PORTABLE  SPOT  AIR  CONDITIONING 
FOR  OVER  30  YEARS. 


►  Protects  against  excessive  heat  ►  No  costly  installation 

►  Prevents  costly  system  failures  ►  Affordable  rent,  lease  or  purchase  options 

►  Increases  productivity  and  manufacturing  quality  ►  The  only  ETL-verified  portable  air  conditioner 

►  Up  to  60,000  Btu/h  of  cool  air  for  performance 


Call  800-264-9573  or  visit  www.movincool.com  to  ask  about  our  affordable  leasing  options! 


MOVINCOOL 


THE  #1  PORTABLE  SPOT  COOLING  SOLUTION 
©2003  DENSO  Sales  California,  Inc.  MovinCool,  Spot  Cool  and  Office  Pro  are  registered  trademarks  of  DENSO  Corporation. 


Complete,  Industry  Standard,  Software-Based  RM0N2  and 
RM0N1  Probe  for  Windows  98/Me/NT/2000/XP 

^Network  Instruments  RMDN  Probe  NBC 
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NETWORI 


File  Options  Help 


^OBSERVER 


Last  Manager  IP  _  I  '  14H v 


Interfaces  1 


PCI  Fast  Ethernet  DEC  ?1!4- 


•  Low  cost,  complete  RMON  monitoring  for  remote  sites  or 
segments. 

•  Software-only,  non-dedicated  data  collection. 

•  Pure,  full  RMON  1  and  2  support.  Complete  implementation  of 
both  RMON  1  and  2  for  Ethernet  ( 10/100)  and  Token  Ring  (4/16). 

Full  adherence  toRFCs  1513,  1757,  2021  and  2074. 

•  Runs  as  a  service  on  Windows  NT/2000/XP. 

•  Works  with  ANY  RMON  management  console  or  collection  facility 
(Observer  ”,  OpenView  ,  Concord  ,  NetScout  ,  etc.). 

•  Compatible  with  Network  Instruments'  optimized  ErrorTrack™  NDIS 
drivers  display  true  errors-by-station. 

•  Multiple  concurrent  network  interface  monitoring  (up  to  10). 

Why  pay  thousands  more  for  the  same  data? 

Call  800-526-7919  for  information,  or  see  our  web  site  at: 

www.networkinstruments.com 

©  2001  Network  instruments,  LLC  -  Corporate  Headquarters  (952)  932-9899  FAX  (952)  932-9545 
UK  and  Europe  +44  (0)  1959  569880  FAX  +44  (0)  1959  569881  info@networkinstruments.com  www.networkinstruments.com 
Network  Instruments  and  the  “N”  logo  are  registered  trademarks  of  Network  Instruments,  LLC  Minneapolis.  MN  USA 
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Verify  Amps  Used  per  Circuit 
with  Sentry  Input  Current  Monitor 

•  ‘  Precisely  measure  the  current,  in  amps, 

for  each  power  circuit 

•  Prevent  overloads  on  existing  power  circuits 

•  Reduce  costs  for  additional  power  circuits 

•  Overcurrent  alarms 

•  Remote  Measurement  via  IP  or  RS-232 

•  Local  Measurement  via  digital  display 


Sentry  Power  Tower.  Equipment  Cabinet  Solutions. 
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Server  Technology,  Inc. 

^ m 

1040  Sandhill  Drive  Reno,  Nevada  8951 1  USA 
web:www.servertech.com  toll  free:  1.800.835.1515 
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Contact  these  companies  today  to  help  you  with  your  training  needs! 


|  McasureUp 

(678)  356-5000 

1  www.measureup.com 

1  Certification  Practice 

[Tests _ 

1 1  Transcender 

j  1  (615)  726-8779 
\  1  www.transcender.com 

1 1  Award- winning  practice  exams 
li  1  for  IT  certification 

I1  jj  4 _ 1 

|  Learnkey  Inc 

1 CBT  Nuggets,  Inc 

(800)  865-0165 

1  (541)  284-5522 

1  www.learnkey.com 

[  1  www.cbtnuggeLs.com  j 

|  Self-paced  online  CD  network 

j  1  IT  Certification  Videos  J 

|  certification  developer  bus/apps 

IPexpert,  Inc 

(866)  225-8064 
|  www.ipexpert.net 
CCIE  (R&S,  SEC,  and  C&S),  CCSP, 

CCNP,  CCNA,  and  IP  TELEPHONY 

You/  JJjfrjijj  iki/i 
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NetWOfkWorld  NetSmart  Learning  Partner 


So 


many  SGFVGFSj  hubs,  switches,  cables... 


Universal 

rack-mount 

Enclosures 


Open-frame 

modular 

Network 

furniture 


Ergotron  optimizes  your  data  center  space  with  exceptional  network 
furniture,  enclosures,  Avocent  digital  KVM  switching  technology  and 
other  innovative  products  that  will  make  your  life  easier. 

Learn  more  now.  Get  the  entire  story  at  onesolution.ergotron.com. 


ERGOTROIl 


Call  1.800.888.8458  (U.S.) 
1.800.267.9912  (Canada) 


Get  More  Computers  in  Less  Space 

in  10  Days  or  Less 


Now  you  can  stack  computers  3  levels  up  to  7  feet 
high.  With  cable  channels  at  each  level. 

We’ll  design  maximum  flexibility  into  your  available 
space.  Tell  us  what  space  and  what  equipment, 
and  we'll  give  you  a  3-D  PLAN  AT  NO  CHARGE! 
Choose  the  award-winning  ISO  9001  system  from 
Europe  or  a  typical  North  American  workhorse. 

You  can  receive  your  order  in 
5-7  business  days. 

THE  SALIX  GROUP  •  1-800-668-9319  e 


G.S.A.  GS29F269H 


I.S.O.  9001  CERTIFIED 

•  201  •  www.salixgroup.com 


Network  faxing  made  easy 


NEW  RIghtFax  8.5  Enterprise-wide  fax  for  e-Document  Delivery. 


Send  and  receive  documents  via  tax,  email  or  over  the  Internet  reliably 
► Integrate  taxing  with  desktop  applications,  email,  ERP  and  CRM  programs 
-  Microsoft  Certified  for  Windows  2000  Server,  Advanced  Server  and  Cluster  Server 

►  RightFax  Supports  Active  Directory,  Exchange  2000/5.5  and  Windows  XP 

►  Send  digitally  encrypted  documents  and  certified  documents  via  the  Internet 

►  Easy  to  use,  install  and  manage  -  Web  based  Centralized  Administration 


^  Captaris 

RightFax 


IDC  ranks  RightFax  as  the  leading  enterprise  fax  solution  world-wide. 
More  than  80%  of  the  Fortune  100  companies  already  use  RightFax 


Call  for  FREE  Demo  914-764-9161  a^Jar 


Console  Ports  Over  Telnet! 


Access  Network  Serial  Console  Ports. 


Fr(^4i^where! 


Ethernet  Interface 


RS-232  Ports 


✓ 

✓ 

✓ 

✓ 

✓ 

✓ 


Sixteen  (16)  RS232  DB9  Serial  Ports 
lOBase-T  Ethernet  Port 
TCP/IP  Security  Features 
Port-Specific  Password  Protection 
Co-location  Features 
AC  and  48V  DC  Powered  Models 


23"  Rack 
Mounted 


AC  or 
DC  Power 


The  CMS-16  Console  Management  Switch  provides  secure, 

in-band  and/or  out-of-band  access  to  RS232  console  ports  and  maintenance  ports  on  UNIX 
servers,  routers,  and  other  network  equipment.  System  administrators  can  access  remote  devices 
in  order  to  change  configuration  parameters,  connect  users  to  restricted  ports,  collect  buffered 
data,  and  perform  a  variety  of  other  control  related  functions. 


Wto 


(800)  854*7226  •  www.wti.com 

5  Sterling  •  Irvine,  CA  92618  •  Fox:  (949)  583-9514 


western  telematic  incorporated 


The  NetWorkRack  Offers  You: 

'Four  Point  Mounting 

*M6  Rails  for  all  your  bracket  requirements 
'Expandable  Depth  from  30"  to  40" 

'Easy  Set-Up 

'Equipment  Mounting  Hardware  Kit 

Available  in  84",  72",  48"  heights. 
Customized  sizes  also  available. 

Contact  us  for  pricing  on  your  specific  requirements. 

www.networkcontcr.com 

AMERICAN  NETWORK  PRODUCTS 


Quality  Products  &  Services 
from  the  best  in^he  industry 


24-Hou 


air  Service 


Sales,  Maintenance 

SUN,  ATL,  Exabytagfroantum,  DEC,  Compaq,  Dell 

4mm,  8mm,  DLT  Tape  Drives 
and  Tape  Libraries 

Web  site:  www.wccx.com  email:sales@wccx.com 


Name 


Title 


www.salixgroup.com 

COMPUTER 

SECURITY 

“Be  careful  out  there ” 


Custom  fire  “rooms” 
and  “vaults"  available 


DATA  SAFE 


Store  diskettes,  tapes  and  cartridges  - 
in  a  DATA  SAFE 

Store  paper  documents  and  computer 
media  in  the  new  mixed  media  safes 
and  files 


MIXED 
MEDIA  FILE 

For  paper  and 
computer  media 


Both  units  protect  valuable  records 
from  fire,  water,  smoke,  humidity, 
sunlight,  vandalism  and  theft 

Units  are  available  in  various  sizes 


NWW3/03 


THE  SALIX  GROUP  1  -800-668-931 9  ext.  201 
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western  telematic  incorporated 

5  Sterling 

Irvine,  California  92618-2517 


RightFax  8.5 

Windows  NT®' and  Windows  2000®  Fax  Server 


Please 

Place 

Stamp 

Here 


Avatar 

SYSTEMS 

The  Network  Fax  Specialists! 


AVATAR  SYSTEMS 

49  Old  Mill  River  Road 
Pound  Ridge,  NY  10576 

Tel:  914-764-9161 

Fax:  914-764-9162 

For  fast  reply,  email: 

feridun@att.net 


NWW3/03 


SUN  Microsystems 

Used  &  Refurbished 

Workstations  &  Servers 


Repair 

HotSwap 


Immediate  Delivery 


i 


West  Coast  Computer  Exchange,  Inc. 
11167-A  Trade  Center  Drive 
Rancho  Cordova,  CA  95670 
Call  916-635-9340  or  fax  916-635-9485 


NWW3/03 


Strong  Solutions  from  American  Network  Products 
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When  it  comes  to  computer  racks  and  cabinets  you 
get  what  you  pay  for.  After  investing  thousands  of 
dollars  into  your  system  hardware  why  settle  for  a 
cheap  rack?  The  NetWorkCenter  is  designed  to 
give  you  maximum  strength  and  design  flexibility. 
Moderately  priced,  this  system  is  the  solution  you 
can  rely  on  for  years  to  come. 

VISIT  OUR  WEBSITE 
to  find  out  more  about  our  entire  line 
of  rack  solutions. 

AMERICAN  NETWORK  PRODUCTS 

For  more  information  call  508-867-3801  or  e-mail  us  at  amnetpro@aol  com 


www.networkcenter.com 
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We  Buy  &  Sell 


Cisco 


Need  it  today?  Have  it  tomorrow! 


lOvTl 

See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  goods.  Gifts 
Pens.  Clocks. 
Lighters.  Games 

www.suitcase.com 


I  Increase  Your 

Exposure  with 

*  NetworicWorld 

;  Response  Cards 

For  more  information, 

I  please  contact  Enku  Cubaie 
800.622.1108  or 
egubaie@nmv.com 


For  More  wforMatfon 
or>  ac/ver+mo^  To 
^e+wo rk  Wor(cffs  Marfeet^>(ace 
contact;  Er)ku  Gufraie* 
800-611-11 08  ext.  6¥65, 
e^ofcafeSnww-coM 


We  Buy  &  Sell 

USED 

CISCO 

Juniper 

Extreme 

800.451.3407 

Since  1985 

50-90/o  Savings 
Fully  Guaranteed 
Overnight  Delivery 

networkhardware.com 


ENTERPRISE 

Managed  SSL 


128  bit  -  Fully  Vetted 
99%  Browser  Coverage 

Central  Management  Real-Time  Deployment 

$49 

Enterprise  Discounts 
Enterprise  Sales  Group 
401-293-0119 

COMODO 

www.comodogmup.CQm 


FIBER  OPTIC 
SOLUTIONS 


•  T1/E1&T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS400  Twinax,  and 
RS6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Kthemet/Token  Ring 

•  Video/Audiu/Hubs/Repeaters 

•  ISO-9001 

s.s.  TECH 

Toll  Free  866-Sn  ech- 1 
630-761-3640,  Fax  630-761-3644 
www  xilech-bitdriver.com 
www.shcchfibcr.com 


You've 
Got  Mail! 

Security  Problems? 


C/sECUREMAliCS' 


Call  1  -888-746-6700 


Authorized  Distributor 


www.securematics.com 
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IT  Hardware  for  Less 


New  Overstock 

Open  Box 
Pre-Owned 
Discontinued 


WE  BUY  USED  CISCO 
&  SURPLUS  EQUIPMENT 

MBE  Certified  •  Woman  Owned 

11904  South  La  Cienega  Blvd,  Hawthorne,  CA  90250 
Tel  310  643.6021  •  Fax  310  643.6041  •  www.jecom.com 


Smartronix 

Network 
Test  Tool 


PDA  Based! 


4 699 


10/100  Ethernet  LAN  Tester 

Design  Engineers: 

Evaluate  &  test  new 
equipment  under 
development 
Network  Engineers: 

Determine  faulty 
NIC  cards,  wiring,  & 
network  equipment 


(FREE  Palm  ml05 
included) 


►  Displays  network  utilization,  packets 
&  statistics 

►  Captures  &  generates  various  error 
packets 

►  Network  load  testing  function 

►  Full  auto  negotiation  81  DHCP  ready 


Toll  Free  1-866-442-7767 
www.smartronlx.com/products 


For  more  information  on 
advertising 
in  the  Marketplace , 
STOP  everything,  and 
call  now! 
800-622-1108  ext 6465 
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Advertising  Supplement 

IT  Careers  Diversity  Report 

Country’s  Newest  Industry  Presents  Same  Face 


Despite  the  rapid  growth  and  intensity  of  competition  for 
talented  professionals,  the  information  technology  profession 
hasn’t  changed  the  face  of  its  workforce. 

Tyrone  Taborn,  founder  and  president  of  Career 
Communications  Group,  Inc.  (publisher  of  US  Black  Engineer), 
says  the  data  is  clear  about  the  situation.  Less  than  10%  of  the 
IT  workforce  is  comprised  of  black  Americans.  There's  a  contin¬ 
ued  need  for  new  employees,  estimated  at  better  than  500,000 
in  2003.  Based  on  a  black  population  that  is  12%  of  the  total 
American  population,  about  12,000  blacks  should  be  entering 
the  IT  workforce  this  year.  Yet, 
less  than  2,000  blacks  earned 
computer,  electrical  and  systems 
engineering  degrees  in  2002. 

Factor  in  retirements,  and  the 
message  is  clear  -  the  shortage 
of  IT  workforce  talent  isn’t  getting 
any  better,  and  among  the  factors 
is  an  inability  to  attract  blacks  to 
IT  studies  and  careers. 

Taborn  says  that  companies 
that  ache  from  the  shortage  of 
talent  for  software  developers 
and  systems  integrators  seldom 
turn  to  an  apparent  source  -  black 
students.  Nine  historically  black 
colleges  and  universities  have 


accredited  engineering  programs  and  are  producing  50%  of  the 
black  IT  graduates.  That  leaves  plenty  of  room  for  improvement 
among  the  more  than  300  other  accredited  degree  programs  in 
attracting  and  matriculating  black  IT  students. 

A  number  of  initiatives  are  underway  to  push  as  well  as 
pull  enrollment,  including  the  second  annual  FamilyNet  event, 
held  in  February  during  Black  History  Month.  The  weeklong 
event  helps  push  technology  into  black  homes  that  from  a 
socio-economic  stance  might  not  otherwise  use  IT.  Taborn  says 
the  effort  is  designed  to  also  demonstrate  to  black  families  that 

technology  can  improve  their 
lives  -  from  a  healthcare  and 
information  standpoint,  as  well 
as  the  ability  to  expose  a  new 
generation  early  to  the  jobs 
of  the  future  -  bridging  the 
cliche  digital  divide. 

The  Federal  Bureau  of  Labor 
Statistics  reports  that  one  in  seven 
American  workers  is  employed  in 
information  technology;  eight  out 
of  the  10  fastest  growing  occupa¬ 
tions  are  IT  related.  And,  one 
quarter  of  all  job  growth  through 
2008  will  come  in  IT.  “It’s  a 
myth  from  the  dot-com  bust 
that  tech  was  just  a  fad,”  Taborn 


says.  “It  has  permeated  every  aspect  of  the  American  economy. 
Opportunities  do  exist.” 

One  of  the  errors  occurring  during  the  dot-com  blast  was  that 
more  attention  was  paid  to  hiring  people  to  push  product  and  ser¬ 
vice  to  market  rather  than  developing  a  highly  qualified  workforce, 
jobs  were  listed  online,  and  companies  waited  for  applicants  with 
little  push  to  reach  out  to  under-represented  populations.  The  one 
exception  was  in  the  federal  contracting  segment,  where  large  cor¬ 
porations  continued  to  pay  strict  attention  to  increased  diversity  of 
workers  as  well  as  of  the  suppliers  selected. 

Taborn  sees  this  as  yet  another  opportunity.  As  the  infor¬ 
mation  technology  infrastructure  develops,  it’s  repeating  history 
much  as  did  the  building  of  the  nation’s  railroads  and  roadways. 
Taborn  calls  it  first-generation  opportunity  -  first-generation  col¬ 
lege  graduates,  first-generation  IT  workers.  “These  were  national 
projects  that  in  their  infancy  weren’t  standardized.  With  railroads, 
the  tracks  weren’t  standard  at  first  but  moved  in  that  direction.  The 
same  situation  exists  with  IT,  a  movement  toward  standardization 
and  protocols  that  will  increase  reliability,  interactivity  and 
security.  That  movement  creates  opportunity." 

Which  brings  him  to  the  next  first-generation  element 
-  business  ownership.  “Black  IT  professionals  need  to  generate 
a  different  kind  of  value  for  communities  by  setting  up  their  own 
companies.” 


IT  Careers 

For  more  information  on  recruitment  advertising,  contact: 
Nancy).  Percival,  Director,  Recruitment  Advertising  at 
800-762-2977 

500  Old  Connecticut  Path  Framingham,  MA  01701 
Produced  by  Carole  R.  Hedden 


Historically  Black  Colleges  & 
Universities 

Accreditation  Board  of  Engineering  and  Technology 
Institutions  with  ABET  -  Accredited  Programs 

Alabama  A  &  M  State  University 

Florida  A&M  State  University 

Hampton  University 

Howard  University  (Washington,  DC) 

Jackson  State  University  (MS) 

North  Carolina  A&T  State  University 

Prairie  View  A&M  State  University  (TX) 

Tennessee  State  University 

Tuskegee  University  (AL) 


Senior  Application  Developer. 
Dsgn  bus  &  systm  solutions  for 
client  req,  understand  systm 
dsgn  &  user  interfaces,  coordi¬ 
nate  systm  dsgn  w/multiple 
prgmrs  &  analysts;  write  applic 
code  based  on  analyst  systm 
dsgn  &  interface,  understand 
systm  dsgn  &  user  interfaces, 
complete  tasks  per  analysts 
specs.  &  req.;  oversee  systms 
analyst  efforts,  communicate 
w/clients,  attend  internal  meet¬ 
ings;  keep  up-to-date  on  tech¬ 
nologies  focusing  on  lang  dev, 
attend  training  on  dvlpmt  tech¬ 
nologies,  create  testing  method¬ 
ologies.  BS  in  Comp  Sci,  CIS,  or 
related  field  +  3  yrs  exp  in  job 
offd  or  as  Prgmr-Analyst  or  sim¬ 
ilar  duties  under  different  job 
title.  3  yrs  exp  wA/B  prgmg  using 
COM  objects  &  ASP  prgmg.  1  yr 
exp  setting  up  objects  w/MS 
SQL  server;  analysis  to  gather 
specs;  working  in  team  environ 
for  dev  &  testing  of  applic  specs; 
COBOL  mainframe  lang 
Demonstrated  exp.  w/MS 
ASP.NET.  40  hrs/wk,  $54,600/yr. 
Must  have  proof  of  legal  author¬ 
ity  to  work  in  US.  Send  resume 
to  IA  Workforce  Center,  215 
Watson  Powell  Jr.,  Way  Suite 
100,  Des  Moines,  IA  50309- 
1727.  Please  refer  to  JO 
IA1 101699  Employer  paid  ad. 


Computer  Systems  Analyst 

Perform  the  role  of  Technical 
Lead.  Analyze  data  process¬ 
ing  requirements  for  software 
development,  using  Business 
Objects,  Visual  Basic,  ASP, 
J2EE,  Java,  Weblogic,  Data 
warehousing.  Interface  with 
project  manager,  customers 
•  .  d  developers.  Req  2  yrs 
jure  exp.  Send  resume  to 
BLC  Consulting,  Human 
Ft  c  sources  26  Jef'srson 
Court,  Wethersfield,  CT 
06109 


Programmer  Analyst  to  analyze 
and  evaluate  existing  or  proposed 
systems,  and  revise  computer  pro¬ 
grams,  systems  and  related  proce¬ 
dures  to  process  data.  Prepare 
charts  and  diagrams  to  assist  in 
problem  analysis,  and  submit  rec¬ 
ommendations  for  solution.  Pre¬ 
pare  program  specifications  and 
diagrams,  and  develop  coding 
logic  flowcharts.  Encode,  test, 
debug,  and  install  the  operating 
programs.  Bachelor’s  degree, 
computer  Science,  Engineering,  or 
Information  Systems  and  minimum 
2  yrs.  Experience. 

Software  Engineer  to  provide  func¬ 
tional  and  empirical  analysis  relat¬ 
ed  to  the  design,  development  and 
implementation  of  software  operat¬ 
ing  systems;  including,  but  not  lim¬ 
ited  to,  utility  software,  develop¬ 
ment  software,  and  diagnostic  soft¬ 
ware.  Participate  in  the  develop¬ 
ment  of  test  strategies,  devices 
and  systems.  Bachelor's  Degree 
in  Engineering,  Computer  Science, 
or  Information  Systems  and  mini¬ 
mum  5  years  experience,  or 
Masters  Degree  and  2  years  expe¬ 
rience.  Send  resume  to  PlanetPro 
at  2893  Sunrise  Blvd,  Suite  107, 
Rancho  Cordova,  CA  95742,  Attn. 
HR,  orjperry@planetpro.com. 


GIS  Software  Quality  Control 
Specialists  (Atlanta,  GA  & 
Jacksonville,  FL):  Analyze, 
design  and  develop  real  time 
apps.  to  monitor  Cable  Network 
outages  in  GIS  and  COM+ 
technologies  including 

Maplnfo,  MapXtreme, 

GTViewer,  MS  Dev  Tools,  web 
technologies,  SQL  Server  and 
related  RDBMS  in  Win 
2000/Citrix.  To  apply  or  for 
complete  job  description, 
respond  to  Think  Resources, 
Inc.,  Attn;  GIS  Recruiting,  280 
Technology  Parkway,  Norcross, 
GA  30092  EOE. 


R  Systems,  Inc.  is  a  global  infor¬ 
mation  technology  services 
company  and  it  has  multiple  Job 
openings  for  the  following  posi¬ 
tions  at  its  corporate  office  in 
Sacramento  as  well  as  Project 
sites  throughout  the 
United  States: 

•  Applications  Programmer 

•  Database  Analyst 

•  Software  Engineers 

•  Systems  Analyst 

•  Network  Analyst 

•  IT  Project  Managers 

•  Business  Analyst 

•  Sales  Engineer 

•  Programmer  Analyst 

•  Sales  Manager 

•  Database  Administrators 

•  Market  Research  Analyst 

Minimum  requirement:  Bach¬ 
elor's  degree  or  equivalent  and 
one  year  experience  in  the  job 
offered.  All  positions  may 
involve  relocation  to  project 
sites. 

Submit  detailed  resume  and 
position  applied  for  to: 

Attn:  Sanjay  Saxena 
5000  Windplay  Drive  Suite  5 
El  Dorado  Hills,  CA  95762 


Java  Programmer 

Design,  development,  &  testing 
of  GUI  screens,  using  Java, 
Mysql,  JDBC.  Raise  &  resolve 
issues  by  working  w/team  mem¬ 
bers.  B.S.  in  CS  or  rel.  w/abil.  to 
use  Java,  Mysql,  JDBC, 
PL/SQL,  VBScript.  HTML,  JSP, 
CGI,  LINUX,  Informix,  Oracle. 
M.S.  accepted  in  lieu  of  B.S. 
40.0  hr/wk.  9  -5.  Resume  to  Mr. 
Earl  Taylor,  Software  Manager, 
etaylor@medisys.md, 
MediSYS,  7201  Halcyon 
Summit  Dr  ,  Montgomery,  AL 
36117. 


CRM  Software  Development  Man¬ 
ager.  Multiple  openings.  Respon¬ 
sibilities  include:  management  in¬ 
cluding  hands-on  design,  develop¬ 
ment  and  implementation  of  Inter- 
net/Intranet/Web-based  Customer 
Relationship  Management  (CRM) 
software  systems  using  Microsoft 
Visual  C++,  0-0  Modeling,  COM/ 
COM+,  IIS,  ASP,  XML,  XSL,  D- 
HTML,  ADO.  PL/SQL.  T-SQL,  SQL 
Server  2000,  Oracle  DBMS,  Micro¬ 
soft  Transaction  Server,  Visual 
Interdev,  MS  Project,  Visio,  Com¬ 
merce  Server  2000,  Biztalk  Server 
2000,  Rational  Rose,  Windows 
2000  Advanced  Server;  manage 
the  design  and  development  of  n- 
tiered  web  architectured  applica¬ 
tions;  and  serve  as  chief  liaison 
with  clients.  Must  have  a  Bachelor 
of  Science  degree  in  Computer 
Science  or  a  related  field  and  at 
least  5  years  of  progressive  experi¬ 
ence  in  software  engineering  devel¬ 
opment  management.  Must  have 
proof  of  legal  authority  to  work  in 
the  United  States.  If  interested, 
submit  resume  to:  Mr.  James 
Hershey,  Director  of  Client  Ser¬ 
vices  ,  CAS  Systems  of  America. 
Inc.,  1100  Abernathy  Road, 
Building  500,  Suite  750,  Atlanta, 
Georgia  30328 


Computer  Programmer;  Use 
practical  knowl  of  PowerBuilder, 
VB  langs  &  MS  SQL  server 
d/base  envrmts  to  analyze, 
dsgn,  install,  implmt  &  maintain 
comp  prgms  to  support  info 
reqmts  of  employer;  prgm  applic 
using  object  oriented  relational 
modeling  techniques;  create/ 
modify  d/base  for  user-specified 
views,  forms,  reports  &  stored 
procedures;  code,  repair,  test  & 
modify  prgms  to  ensure  techni¬ 
cal  &  functional  accuracy;  dsgn 
&  create  reporting  subsystm  & 
dvlp  business  reports;  train 
Employer's  users  in  use  of 
applies.  40hr/wk,  9a-5p, 
$40,600/yr.  Bach  w/Comp  Sci  as 
major  &  2  yrs  exp  in  job  req. 
Send  resume  to:  Wanda 
Castillo.  HR  Mgr.  AFS-USA.  Inc. 
198  Madison  Ave,  8th  FI.  NY.  NY 
10017. 


Project  Manager  (web  &  server 
tech.)  to  perform  cost  benefit 
analysis  (CBA)  of  data  mgmt. 
systems  (DMS),  identify  b/z 
reqs.,  conduct  Joint  Application 
Development  (JAD)  sessions, 
prepare  CBA/ bz  case  rpts.  Use 
Net  &  J2EE  tech.  DMS. 
Evaluate  technologies/  tools  to 
balance  project  needs,  function¬ 
ality,  cost,  &  user  acceptance. 
Manage  projects  using  RUP, 
UML,  &  Net/J2EE  framework. 
Create  functional  reqs.  &  securi¬ 
ty  framework.  BS  in  MIS  +  3  yrs. 
of  exp.  in  job  duties  (and  2  yrs. 
of  exp.  with  full  life  cycle  devel¬ 
opment,  methodologies,  design 
tools  &  testing).  Requires 
Microsoft  Certification  in  SQL 
Server  2000.  Send  resume  to 
BCA,  Inc.,  2180  Satellite 
Boulevard,  #325,  Duluth,  GA 
30097  with  proof  of  permanent 
work  authorization  in  the  United 
States. 


Senior  Engineer  to  plan,  coordi¬ 
nate,  lead  projects  for  the  develop¬ 
ment  of  applications  for  the  Power 
System,  ALSTOM  ESCA  Energy 
Management  and  Market  Opera¬ 
tions  using  knowledge  of  power 
system  algorithms,  bulk  power  sys¬ 
tem  &  energy  market  operations. 
Candidate  should  have  a  Masters 
degree  in  Electrical  Eng.  or  Comp. 
Sci.  with  minimum  of  two  years  of 
experience  in  real  time  system  pro¬ 
gramming  and  development  of 
Energy  Management  System  appli¬ 
cations  in  UNIX/C.  Also  required  is 
hands  on  work  experience  with 
Alstom  ESCA  EMS  and  Market 
Applications  Please  send  resumes 
to:  Robert  Martin  ISO-New 
England,  Inc.,  One  Sullivan  Road, 
Holyoke.  MA  01040-2841.  Fax: 
(413)540-4505  Refer  to  job  code; 
Senior  Engmeer-AN-PRS-2003. 
Proof  of  Permanent  employment 
authorization  and  salary  require¬ 
ments  are  a  'must.' 


SENIOR  SOFTWARE  ENGI¬ 
NEERS.  IT  company  requires 
Software  Engineers  to  work  with 
middleware  solutions  (J2EE  & 
NET),  web  services  technolo¬ 
gies  (XML,  XSL.  SOAP,  WDSL 
&  UDDI),  core  networking  tech¬ 
nologies  (MPLS,  IPSec,  AAA. 
Frame  Relay,  ATM),  IT  security 
technologies  (VPN,  Firewall, 
Intrusion  Detection  System), 
network  design  &  implementa¬ 
tion  (Juniper,  Lucent,  Cisco, 
Checkpoint  &  Nortel  devices), 
and  ability  to  develop  &  respond 
to  RFPs  &  RFIs.  Qualified  candi¬ 
dates  must  perform  above 
duties  using  languages  such  as 
JAVA,  C  and  C++  as  well  as 
work  in  various  databases 
(Oracle,  my  SQL,  etc.)  Must 
have  MS  in  Comp.  Science  or 
Comp.  Engineering  and  2  yrs 
exp  in  occupations  with  similar 
duties.  Send  cov  Itr/resume  to 
Attn:  Ramesh  Balakrishnan  at 
Danucom  Gorp.,  106  Apple 
Street,  Suite  203,  Tinton  Falls, 
NJ  07724/or  email  at: 
resumes@danucom.com 


Application  Developer  (Monroe. 
LA):  Exp'd  dvlpr  to  dvlp  AMOCS 
billing  applications;  debug  exist¬ 
ing  applications;  assist  in 
implmtg  new  applies  using 
AMDOCS.  Qualified  applicant 
will  identify  current  operating 
procedures  &  clarify  prgm  objec¬ 
tives;  analyze,  review,  &  alter 
prgms  to  increase  efficiency  or 
adapt  to  new  reqmts;  write  doc¬ 
umentation  to  describe  prgm 
dvlpmt,  logic,  coding.  &  correc¬ 
tions;  assist  users  to  solve  oper¬ 
ating  problems;  identify  prob¬ 
lems  &  rewrite  prgm  to  correct 
errors;  oversee  installation  of 
hardware  &  s/ware,  provide  tech 
assistance  as  needed  to  users. 
Must  have  min  3  yrs  exp  in  job 
offd  Wage/Salary  Hourly: 
$35/hr-$45/hour  FT.  Respond 
to:  IT&E  Corp.,  Ill  North  Market 
Street,  Ste  730,  San  Jose  Ca 
95113,  Attn  Tony  Allocca. 
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MWH  Americas  Inc.  seeks  a 
Senior  Software  Engineer  to 
work  in  Broomfield,  Colorado. 
Create  system  back  up  and 
recovery  procedures,  design, 
install  and  maintain  a  variety  of 
databases  Engage  in  data 
modeling  and  performance  tun¬ 
ing  Install  and  maintain  soft¬ 
ware  applications.  The  job 
requires  a  bachelors  degree, 
software  expenence,  and  work¬ 
ing  knowledge  of  installing  and 
configuring  Windows  NT 
Servers,  configuring  FTP  and 
SMTP  protocols,  designing, 
installing  and  maintaining  multi¬ 
ple  databases  and  data  model¬ 
ing,  Crystal  Reports  and  Oracle* 
Forms.  Send  resumes  by  mail 
only  to:  Dave  Sell.  MWH 
Americas,  Inc.,  380  Interlocken 
Crescent,  Suite  700,  Broomfield, 
CO  80021.  Refer  to  Job 
Opening  Number 

MWHDEN7SA. 


Manager  of  User  Interface 
Software  Development  sou¬ 
ght  by  NJ  based  Securities 
Dealer  for  Jersey  City,  NJ 
office.  Must  possess 
Bachelor's  degree  or  equiva¬ 
lent  in  Computer  Science  or 
directly  related  field  and  5 
years  exp.  in  software  devel¬ 
opment/design/analysis.  Exp. 
must  include  C/C++,  JAVA, 
C#.  Respond  to:  Human 
Resources  Department, 
#KFP03-99,  Knight  Financial 
Products,  130  Cheshire  Lane, 
Suite  102,  Minnetonka,  MN 
55305 


Software  Developer 
wanted  by  IT  comp  in 
NYC  to  design,  develop 
and  implement  J2EE. 
Use  XML  JavaScript, 
Sybase,  HTML,  MS 
SQL,  Weblogic,  EJB 
and  other  tools. 
Resumes  to  Vitech 
Systems  Group,  401 
Park  Ave  South,  NY,  NY 
10016. 
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Software  Engineer  Analyze 
s/ware  dvlpmt  project  reqmts; 
dsgn  objects  &  algorithms; 
implmt  s/ware  dvlpmt  project 
solutions;  write  test  cases  for 
quality  assurance  testing  of 
s/ware.  Req:  BS  in  Engg,  Comp 
Sci  or  related  field  +  2yrs  exp  in 
job  offd  or  as  S/ware  Dvlpr  or 
similar  duties  under  a  different 
job  title.  2  yrs  exp  w/CAE  s/ware 
dvlpmt,  C++  lang  &  object-ori¬ 
ented  modeling,  MS  Dvlpmt 
Studio.  Windows  NT  OS.  Exp 
w/modeling  real  world  engg 
systms  w/simulation  s/ware. 
Demonstrated  knowl  of  data 
architecture  &  dsgn  in  engg 
s/ware  systms,  incl  Comp  Aided 
S/ware  Systms.  40hrs/wk, 
$60K/yr.  Must  have  proof  of 
legal  auth  to  work  in  US.  Send 
your  resume  to  IA  Workforce 


Jnr.  Programmers.  Multiple 
Positions.  Collect  info,  to  help 
Snr.  Progs,  analyze,  formulate 
&  define  specs  &  develop/ 
modify  client  server  D/Base. 
Maintain  documentation  & 
guidelines.  Req:  Bachelors 
degree  in  Business  Admin. 
Comp.  Sci.  Comp.  Eng.,  or 
Electrical  Eng.  with  1  year  exp. 
40hr/wk.  Job/Interview  Site: 
Wilmington,  DE.  Send  resume 
to:  VXL  Technologies,  Inc. 
1220  N.  Market  St.,  #606, 
Wilmington,  DE  19801. 


Software  Analyst  needed 
to  dvlp  &  support  high- 
performance  affiliate 
tracking  (OLTP)  s/ware 
using  Mod-Perl,  Postgre- 
SQL,  C,  HTML,  Java¬ 
Script;  provide  systm 
admin  on  FreeBSD  & 
Linux  servers;  dsgn  & 
support  TCP-IP  networks 
for  Cisco  router  admin. 
Apply  to:  TrackingSoft, 
124  S.  Church  St, 
Rogersville,  TN  37857. 


PROGRAMMER  ANALYSTS 
req'd  for  Chicago,  IL  office. 
Design  &  Develop  software 
applications  using  C,  C++,  VB, 
Delphi,  ASP,  XML,  UML, 
Coolgen,  Interwoven,  Oracle, 
PL/SQL,  Developer  2000  & 
Designer  2000;  Perform  system 
&  integration  testing.  Bachelors 
req'd  in  Computers,  Engin¬ 
eering,  math  or  related  field  of 
study  +2  yrs  of  related  exp.  40 
hrs/wk.  Must  have  legal  authori¬ 
ty  to  work  permanently  in  the 
U.S.  Send  resume  to  HR 
Manager,  Allied  Business 
Consulting,  Inc.,  2906  Merry 
Wood  Drive,  Edison,  NJ-08817 


SOFTWARE  ENGINEERS  for 
Bloomington,  IL  office.  Design  & 
implement  mobile  commerce 
applications  using  PALM,  RIM, 
ECRM,  ASIC,  UML,  XML,  BLUE¬ 
TOOTH,  Data  warehousing, 
C++,  OOD,  Java,  Solaris  with 
cross  platform  ability  to  develop 
applications  on  client/server  sys¬ 
tems.  configuration  of  Oracle, 
UDB  database  on  real-time 
application  with  500GB.  Bach¬ 
elors  degree  req’d  in  Compu¬ 
ters/Engineering  +  2yrs  of  exp. 
Must  have  legal  authority  to  work 
permanently  in  the  U.S.  40hrs/ 
wk.  Please  send  resume  to  HR 
Manager,  DoingWap.  Net. Inc. 
316  Eisenhower  Parkway,  Lower 
Level,  Livingston,  New  Jersey- 
07039. 


IDLogix,  Inc.,  a  Concord  Risk 
Management  Company,  seeks 
applications  for  the  following 
positions:  programmer  analyst  & 
architect  (software  and  electron¬ 
ic  engineer)  to  work  in  Longmont 
or  Englewood  Colorado. 

All  positions  involve  the  devel¬ 
opment  of  embedded  software 
which  allows  security  devices  to 
communicate  with  host  comput¬ 
ers. 

These  positions  require  a  bach¬ 
elor's  degree  in  computer  sci¬ 
ence,  computer  engineering  or 
electronic/  electrical  engineer¬ 
ing.  The  programmer  analyst 
position  requires  experience  in 
developing  embedded  software 
and  related  tools,  databases 
and  languages.  The  architect 
position  requires  experience  in 
creating  designs  and  schemat¬ 
ics  for  electronic  embedded  soft¬ 
ware  for  electronic  devices  and 
assembly  languages. 

Resumes  should  be  sent  to 
Concord  Corporate  Services, 
Inc.,  Attn:  DS/FC  1-1-95,  1100 
Carr  Road,  Wilmington,  DE 
19809. 


Seeking  qualified  applicants  for  the 
following  positions  in  Memphis, 
TN:  Senior  Systems  Programmer. 
Serve  as  project/team  leader. 
Devise  procedures  to  solve  com¬ 
plex  problems  with  systems/appli¬ 
cations.  Requirements:  Bachelor's 
degree*  in  computer  science,  MIS, 
engineering  or  related  field  plus  5 
years  of  experience  in  systems/ 
applications  development.  Experi¬ 
ence  with  RDBMS;  software 
design;  and  Java  and/or  C++  also 
required.  ’Master's  degree  in 
appropriate  field  will  offset  2  years 
of  general  experience.  Submit 
resumes  to  Sibi  George,  FedEx 
Corporate  Services,  1900  Summit 
Tower  Blvd.,  Suite  1400,  Orlando, 
FL  32810.  EOE  M/F/D/V. 


Hetrosys,  LLC,  based  in  Detroit, 
Michigan  seeks  Senior  UNIX 
System  Administrators  and 
Senior  Database  Administrators 
for  Detroit  and  nation-wide 
opportunities.  All  positions 
require  B.S.  in  Computer 
Science.  UNIX  position  requires 
two  years  high  availibility  experi¬ 
ence  and  MC/Service  Guard 
certification.  Database  positions 
require  two  years  experience  in 
decision  support  application 
development  or  data  warehous¬ 
ing  in  addition  to  standard  suite 
of  OFtACLE  administration  tools. 
Apply  via  U.S.  Mail  with  resume 
to  Hetrosys,  LLC,  3757  S. 
Baldwin  Road  #223,  Lake  Orion, 
Ml  48359. 


System  Analyst  for  Lewis 
Center  OH  to  analyze  user  req., 
design,  develop  Internet  driven 
business  and  commercial  appli¬ 
cations.  Must  have  knowledge 
of  using  UNIX  (Solaris)  Java, 
CGI  scripting,  Perl,  JavaScript, 
JSP  Language,  JDSC  and  RMI, 
working  with  Java  classes, 
interfaces,  and  COM  compo¬ 
nents  to  make  software  more 
scalable  and  efficient.  Improve 
existing  computer  system;  trou¬ 
bleshoot.  Bachelor's  degree  in 
information  science.  Resumes 
to:  8185  Green  Meadows  Dr.  N 
Unit  U,  Lewis  Center,  OH 
43035.  EOE.  No  calls. 


PowerBuilder  Programmer 
sought  by  a  telco  company 
to  work  on  design  data¬ 
base  &  develop  related 
application  systems.  BS  in 
computer  science  and  1.5 
years  experience  in 
PowerBuilder  develop¬ 
ment  required.  Send 
resume  to  IT-ClientServer, 
WCI.  d/b/a  Logix 
Communications,  2950 
North  Loop  W„  STE  1200, 
Houston,  TX  77092. 


Yashoda  Systems  Inc.,  the  Premier 
IT  consulting  and  development  firm 
leading  the  Way  into  the  new  mil¬ 
lennium  with  its  solutions  for  all  the 
hi-tech,  networking  and  web  based 
programming  needs.  We  are  look¬ 
ing  for  the  following  position: 

Software  Engineers:  Research, 
design,  develop,  implement  and 
customize  Client-Server  Applica¬ 
tions  using  Java.  J2EE/EJB.  C++, 
XML.  Weblogic.  JDBC,  JNDI,  RMI 
and  RDBMS,  Outstanding  GUI 
development  skills  utilizing  a  vari¬ 
ety  of  technologies  including  Java 
Swing,  Java  Server  Pages.  Serv¬ 
lets,  and  CSS.  Involve  in  Database 
Development  by  Writing  and 
Implementing  Packages.  Stored 
Procedures,  Triggers  and  Func¬ 
tions  using  PL/SQL.  Analyze 
Business  Rules,  Solve  Production 
Problems,  Redefine  and  Convert 
Data  to  a  required  Form.  Requires 
a  Master's  in  Computer  Science  or 
a  related  field  and  2  years  of  expe¬ 
rience. 

Send  Resume  to:  Mr.  Vamshi 
Chinthalapani,  Yashoda  Systems 
Inc.,  7100  Regency  Square,  Suite 
230-4,  Houston,  TX-77036 
or  via  email  at:  resumes@ 
yashodasystems.com 


SAP  Basis  Consultant,  Atlanta: 
Assess  client  business  require¬ 
ments  &  provide  analysis. 
Perform  capacity  planning,  sys¬ 
tem  design  &  configuration  of 
SAP  system.  Implement,  docu¬ 
ment,  maintain  &  support  sys¬ 
tem.  Provide  expertise  to  func¬ 
tional  teams.  Reengineer  &  cus¬ 
tomize  where  necessary. 
Specialize  in  SAP  R/3  (ERP)  & 
SAP  BW  (Data  W/house)  sys¬ 
tems.  Requ:  Bach.  Degree  in 
Bus.  Admin,  or  MIS+2  yrs  in  job 
or  as  Systems  Analyst  perform¬ 
ing  SAP  Basis  Consulting.  Mail 
resume  to  HR,  Focused 
Systems,  325  Chelsey  Ct, 
Alpharetta,  GA  30004. 


Arcadia  Services  is  looking  for 
System  or  other  IT  consultants  to 
join  this  dynamic  company. 
Applicants  must  have  BS  degree. 
Experience  in  Power  Builder, 
Sybase,  window  NT,  Visual 
Interdev  is  plus.  Please  send 
resume  to  26777  Center  Park 
Blvd,  Southfield,  Ml  48076.  EOE. 

MIS/Programmer  Analyst  wanted 
by  Driktech,  LLC,  a  small  fast 
growing  company.  Candidates 
must  have  minimum  bachelor's 
degree  with  exp.  in  IT  project 
management  and  sales.  Attractive 
wage  with  full  benefits.  Please 
contact  1850  Timber  Trail,  Ann 
Arbor,  Ml  48103.  EOE. 


Software  Specialist  -  Needed  for 
NE  OH  to  design,  develop,  and 
support  various  web-based  appli¬ 
cations.  Design  and  implementa¬ 
tion  of  relational  database  (DBMS 
/SQL)  components,  development 
and  support  of  intranet  and  client- 
related  extranet  systems,  Must 
have  baccalaureate  degree  in 
Finance  or  equivalent.  Min  3 
years  exp  with  knowledge  of 
mixed  SQL  Server,  strong 
Microsoft  Access  skill,  SCO  Unix, 
Novell  NetWare  environment, 
ASP.  ADO/MDAC,  HTML.  D- 
HTML  JV.  Resume  to:  e-JobAds, 
Box  127,  27113  Brookpark  Rd. 
Ext.,  North  Olmsted.  OH  44070. 
EOE 


Arcadia  Services  is  looking  for 
System  or  other  IT  consultants  to 
join  this  dynamic  company. 
Applicants  must  have  BS  degree 
Experience  in  Power  Builder, 
Sybase,  window  NT,  Visual 
Interdev  is  plus.  Please  send 
resume  to  26777  Center  Park 
Blvd.  Southfield.  Ml  48076.  EOE. 

MIS/Programmer  Analyst  wanted 
by  Driktech,  LLC,  a  small  fast 
growing  company.  Candidates 
must  have  minimum  bachelor's 
degree  with  exp.  in  IT  project 
management  and  sales.  Attractive 
wage  with  full  benefits.  Please 
contact  1850  Timber  Trail,  Ann 
Arbor.  Ml  48103.  EOE. 


SOFTWARE  ENGINEER 
Requirements:  Design  and 
development  in  client/server 
architecture  using  Oracle  data¬ 
base  and  Oracle  software  devel¬ 
opment  tools.  Database  admin¬ 
istration.  Analysis,  design  and 
development  of  software  pro¬ 
jects  involving  Pro*C,  PL/SQL, 
and  front-end  tools  like  SQL* 
Forms.  Design  and  development 
of  software  projects  using  UNIX 
operating  systems  and  Windows 
and  software  developing  lan¬ 
guages  like  C.  The  job  duties 
are:  Analyze,  design,  develop, 
and  implement  software  projects 
using  Oracle,  Pro'C,  PL/SQL, 
GUI  tools,  etc.  Provide  user 
training  and  documentation. 
Perform  database  administra¬ 
tion  in  Unix  and  Windows. 
Requires  Master’s  in  Computers 
or  equivalent.  40  hours  per 
week  at  $71,000  per  year. 
Please  send  2  copies  of  resume 
to  Case  #200115224,  Labor 
Exchange  Office,  19  Staniford 
St,  1st  Floor,  Boston,  MA  02114. 


PROGRAMMER/ANALYST  - 
Analyze,  design,  program, 
implement,  test  &  support 
advanced  software  applications 
utilizing  Java,  Java  Script,  Visual 
Basic,  C  and  C++  under  UNIX 
and/or  Windows  operating  envi¬ 
ronment  for  client/server  and/or 
internet-related  applications. 
Responsible  for  integration  of 
enterprise  systems  such  as 
Messaging  Middleware,  CRM 
and  SAP/R3.  Req.  Bachelors  in 
Comp.  Sci.,  MIS,  or  Engg  (any 
field)  plus  2  yrs  exp.  Contact: 
International  Systems 

Technologies,  Inc.,  1812  Front 
Street,  Scotch  Plains,  NJ  07076. 


Web  Designers/Developers 
for  IT  co.  in  Morrisville,  PA 
w/fol!  skill  sets:  Java  Server 
Page,  Rational  Rose, 
Javascript,  Perl,  Cold 
Fusion,  Oracle  &  Active 
Server  Pages.  Bach/equiv 
in  MIS,  Engg.,  Comp  Sci  or 
equiv  +  6  mnths  exp  in  job 
off.  Apply  to  Cyberfuse 
Tech,  81  Big  Oak  Rd,  #100 
Morrisville,  PA  19067  215- 
428-6846  (F),  e-mail: 

careers@cyberfuse.com 


Senior  Software  Engineer  -  ana¬ 
lyze,  design,  develop,  test  &  main¬ 
tain  eGovernment  applications/ 
products  using  knowledge  of  &  exp. 
w/  Java,  Java  Swing,  Java 
Servlets,  Apache  Web  Server, 
Jrun,  Jserve,  Resin,  Tomcat, 
Oracle  iAS,  C/C++,  MS  Visual  C++, 
MFC.  STL,  Visual  Basic,  HTML, 
Unix  Shell  Scripts,  Oracle  &  MS 
SQL  Server  RDBMS.  ODBC. 
JDBC,  Unix  (Sun  Solaris)  & 
Windows  2000/NT:  develop  object 
model/use  cases  &  class  diagrams 
in  UML.  Requires  BS  degree  in 
computer  science  or  computer 
engineering  +  5  YR  related  experi¬ 
ence.  Interested  candidates  e:mail 
resumes  to  robert@ark.org. 


Principal  Software  Engin¬ 
eer  (Lake  Forest,  CA): 

Research  &  design  s/w  for 
continuous,  discrete  & 
batch  manufact;  apply  C#, 
C++,  COM,  XML,  XSL, 
HTML  &  .NET  to  design  s/w 
in  WinNT  and  XP;  apply  by 
resume:  Job  #WW/SK, 
Staffing,  Invensys  Sys¬ 
tems,  Inc.  26561  Rancho 
Parkway  South,  Lake 
Forest,  CA  92630  or 
emplovment@wonderware 

.com.  EOE. 


Software  Engineer  (Atlanta.  GA) 
Under  direct  supervision,  responsi¬ 
ble  for  the  analysis,  design,  pro¬ 
gramming,  testing,  debugging  and 
modification  of  local,  network  or 
internet-related  computer  pro¬ 
grams.  Analyze  and  formulate 
requirements  and  design  product 
application  features.  Create  com¬ 
puter  programs  from  design  specifi¬ 
cations  and  verify  functionality 
through  unit  test.  Review  existing 
programs  or  formulate  logic  for  new 
features  using  structured  program¬ 
ming  or  object  oriented  analysis 
and  design  techniques.  Create  or 
revise  application  and  user  docu¬ 
mentation  to  describe  new  function¬ 
ality.  Review  code  for  accuracy  and 
adherence  to  methodology.  Work 
in  a  variety  of  languages,  including 
Oracle  and  Java.  Requirements: 
Bachelor's  or  equivalent  degree*  in 
Computer  Science,  Math,  Engin¬ 
eering  or  related  field.  (*as  deter¬ 
mined  by  a  recognized  credentials 
evaluator).  Competitive  salary 
offered.  Apply  on-line  at 
www.retek.com/applv  to  job  rete- 
00000760.  Be  sure  to  include 
CompWorld  as  the  source  code. 


PROGRAMMER/ANALYST  - 
Analyze,  design,  program, 
implement  &  support  advan¬ 
ced  comp,  applications  utiliz¬ 
ing  JAVA-based  Bluestone 
Software,  Java,  Java  Script, 
ODBC,  HTML,  C  and  C++ 
under  UNIX  and/or  Windows 
operating  environment  for 
client/server  and/or  internet- 
related  applications.  Req. 
Bachelors  in  Comp.  Sci.,  MIS, 
or  Engg  (any  field)  plus  3  yrs 
exp.  Contact:  International 
Systems  Technologies,  Inc., 
1812  Front  Street,  Scotch 
Plains,  NJ  07076. 


Software  Engineers  &  Progr¬ 
ammers.  Design,  develop,  test 
and  implement  specialized  soft¬ 
ware  apps.  in  multi-systems 
envt.  in  (i)  Oracle  1 1  i  Apps. 
(Property  Management,  Manu¬ 
facturing,  Financial  &  HR), 
Noetix  Servers,  NQS  Admin, 
and  related  technologies;  (ii) 
LotusNotes,  Domino,  UML, 
J2EE,  Microsoft  Web  Tech¬ 
nologies  and  RDBMS.  To  apply 
or  for  complete  job  info  -  HR, 
Apps  Associates,  LLC,  9  East 
Loockerman  Street,  Suite  IB, 
Dover,  DE  19901.  US  Workers 
Only.  EOE. 


Programmer/Analysts  needed. 
Seeking  candidates  possessing 
BS  or  equivalent  and/or  rele¬ 
vant  work  experience.  Part  of 
the  req.  rel.  work  exp.  must 
include  2  years  using  Oracle. 
Duties  include:  Analyze,  plan 
and  define  program  objectives; 
Gather  information;  Convert 
design  specifications  to  applica¬ 
tions;  Modify  systems.  Work 
with  Oracle,  PL/SQL,  JSP,  Java 
and  C/C++.  Mail  resume,  refer¬ 
ences  and  salary  requirements 
to:  Intertek  Testing  Services  Int'l 
Inc.,  3741  Red  Bluff  Road,  Suite 
100,  Pasadena,  TX  77503. 


LLEORNA  Enterprises,  a 
provider  of  software  consult¬ 
ing  services,  seeks: 

Senior  Systems  Integration 
Engineer.  BS  or  equivalent  in 
Computer  Sci,  Engineering  or 
related  +  6  yrs  exp  in  SW 
engrng,  programming  or  relat¬ 
ed.  Also  2  yrs  exp  in  Windows 
&  Unix  systems  admin;  knowl- 
edge/bapkgrnd  in:  RDBMS; 
CGI;  and  Perl,  C++  or  Java; 
backgrnd  in  power  utilities/ 
energy  industry.  Mail  resume 
to:  2243  Shannon  Dr.,  South 
San  Francisco,  CA  94080. 


Become  a  Microsoft  Windows  2000  Security  Expert. 

It's  easy.  Just  point,  click  and  choose  the  format  that  works  best  for  you: 
•CD-ROm  •Uleb-Based  *Hands-0n  *Uirtual  Classroom 

Uisit  lletSmart  today  at  www.nwnetsmart.com 
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H  Sales  Offices 


Oroi  Lasker  Associate  Publisher/Vice  President 
JaneWe  S9man.  Sales  Operations  Coordinator 
Internet-  clasker.  jweissman@nvm.com 
(506)  460- 3333/FAX:  (508)  460-1237 


■  Network  World.  Inc. 

118Tumpike  Road,  Southborough,  MA  01772 
Phone:  (508)  460-3333 

TO  SEND  E-MAIL  TO  NWW  STAFF 

firstname_lastname@nww.com 


New  York/New  Jersey 

Tom  Davis,  Associate  Publisher.  Eastern  Region 
Elisa  Della  Rocco.  Regional  Sales  Manager 
Agata  Joseph.  Sales  Associate 
Internet:  tdavis.  elisas,  ajoseph@nww.com 
(2°1 )  587-0000/FAX:  (201)  712-0786 _ 

Northeast 

Donna  Pomponi,  Regional  Sales  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dpomponi.  chorgan@nww.com 
(508)  460-3333/FA X:  (508)  460-1237  _ 


Mid-Atlantic 

Jacqui  DiBianca.  Regional  Sales  Manager 
Marta  Hagan,  Sales  Assistant 
Internet'  jdibian,  mhagan@nww.com 
(610)  971-1530/FAX:  (610)  975-0837 


EvileeThibeault,  CEO/Publisher 

John  Gallant,  President/Editorial  Director 

Eleni  Brisbois,  Administrative  Planning  Manager 

FINANCE/BUSINESS  SERVICES 

Mary  Fanning,  Vice  President  Finance 

Paul  Mercer,  Finance  Manager 

Mary  Kaye  Newton,  Billing/AP  Coordinator 

Frank  Coelho,  Senior  Manager,  Business  Services 

LisaThompson,  Business  Services  Administrator 

Mark  Anderson,  Business  Services  Supervisor 

Kevin  McMillen,  Business  Services  Coordinator 

HUMAN  RESOURCES 

Elizabeth  Price,  Director  of  Human  Resources 
Eric  Cormier,  Human  Resources  Representative 

MARKETING 


Midwest 

Eric  Danetz.  Regional  Sales  Manager 
Agata  Joseph,  Sales  Associate 
Internet:  edanetz,  ajoseph@nww.com 
(201)  58.*  0090  FAX  O'O1)  712-9786 


Central 

Dan  Gentile,  Midwest  Regional  Director 
Gracie  Vela.  Sales  Assistant 
Internet:  dgentile,  gvela@nww.com 
(512)  249-2200/FAX:  (512)  249-2202 


Northern  California 

Sandra  Kupiec,  Associate  Publisher,  Western  Region 
Miles  Dennison,  Regional  Sales  Manager 
SeanWeglage,  Regional  Manager 
Teri  Whitehair,  Office  Manager/Exec.  Asst. 

Berit  Einsiedl,  Sales  Assistant 

Internet:  skupiec,  mdennison,  sweglage,  twhitehair 

beinsiedl@nww.com 

(650)  577-2700/FAX:  (650)  341-6183 _ 

Northwest/Rockies 

Karen  Wilde,  Regional  Sales  Manager 

Lara  Greenberg,  Regional  Sales  Manager 

Berit  Einsiedl,  Sales  Assistant 

Internet:  kwilde,  Igreenberg,  beinsiedl@nww.com 

(650)  577-2700/FAX:  (650)  341-6183 _ 

Southwest 

Becky  Bogart  Randell,  Senior  District  Manager 
Angela  Norton,  Sales  Assistant 
Internet:  brandell,  anorton@nww.com 
(949)  250-3006/FAX:  (949)  833-2857 _ 

Southeast 

Don  Seay,  Regional  Sales  Manager 

Caitlin  Horgan,  Sales  Assistant 

Internet:  dseay,  chorgan@nww.com 

(404)  845-2886/FAX:  (404)  250-1646 _ 


Customer  Access  Group 

Tom  Davis,  Assoc.  Publisher  Eastern  Region/General 

Manager,  Customer  Access  Group 

Shaun  Budka,  Director,  Customer  Access  Group 

Kim  Gaffrey,  Sales  Manager,  Western  Region 

Kate  Zinn,  Sales  Manager,  Eastern  Region 

Sharon  Stearns,  Manager,  Client  Services 

Caitlin  Horgan,  Sales  Assistant 

Internet:  tdavis,  sbudka,  kgaffrey,  kzinn,  sstearns, 

chorgan@nww.com 

(508)  460-3333/FAX:  (508)  460-1237  _ 


Fusion 

Alonna  Doucette,  Vice  President  Online  Development 
James  Kalbach,  Director,  Online  Services 
Stephanie  Gutierrez,  Online  Account  Manager 
Debbie  Lovell,  Online  Account  Manager 
Kristin  Douglas,  Online  Operations  Manager 
Internet:  adoucette,  jkalbach,  sgutierrez,  dlovell, 
kdouglas@nww.com 
(610)  341-6025/FAX:  (610)  971-0557 
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Users  find  pros  and  cons  to  outsourced  telephony  and 
in-house  VoIP. 


Technology  Pros 

IP  PBXs  •  Converged  applications. 

•  Simplified  management, 

Centrex  •  Outsourced  service  can  allow  for 
smaller  or  minimal  telecom  staff. 

•  Redundancy  of  hosted  carrier- 
grade  phone  switches. 


•  Added  costs  of  infrastructure 
upgrades  (switches,  power). 

•  ROI  can  be  hard  to  prove. 

•  Expensive  monthly  charges  for 
services,  including  simple  moves, 
adds  and  changes. 

•  New  features  are  hard  to 
implement. 


Centrex 

continued  from  page  1 

600  Cisco  IP  phones.  This  year 
Fidelity  expects  to  add  700  more 
IP  phones  and  3,500  softphones, 
which  were  built  in-house. 

Fidelity  is  but  one  of  many  large 
corporations  making  the  move 
from  Centrex  to  VoIP  Carriers 
have  lost  1.8  million  lines  and 
more  than  $1  billion  in  Centrex 
service  revenue  since  2000,  when 
the  IP  PBX  market  emerged, 
according  to  telecom  research 
firm  RHK. 

The  plan  at  Fidelity  is  to  move 


III  like  the  idea  of 
being  able  to  buy 
IP  services  from 
different  carriers, 
and  then  put  voice 
on  top  of  that.  9  9 

Mike  Paladino 

Associate  vice  president  of 
networking,  University  of 
Pennsylvania 


all  voice  traffic  in  its  Boston  head¬ 
quarters  to  the  company’s  Cisco- 
based  Gigabit  Ethernet  metropol¬ 
itan-area  network  (MAN),  which 
links  four  buildings  with  gigabit- 
speed  connections.  Redundancy 
built  into  the  Cisco  IP-based  MAN 
will  provide  faster  disaster  recov¬ 
ery  at  a  lower  price  than  Centrex. 
The  only  additional  cost  would 
be  for  the  extra  50M  to  70M 
bit/sec  of  additional  IP  voice  data 
on  the  MAN,  said  David  Morgan, 
vice  president  of  architecture  and 
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planning  for  Fidelity,  who  out¬ 
lined  the  company’s  VoIP  plans  at 
a  recent  IP  telephony  conference. 

One  of  the  most  important 
facets  of  Fidelity's  move  is  sup¬ 
porting  crucial  disaster-recovery 
operations.  “Right  now  we  have 
fairly  expensive  and  complicated 
disaster  recovery/’  Morgan  said. 
“We  can  provide  better  disaster 
recovery  with  VoIP" 

Centrex  lets  Fidelity  provide  dis¬ 
aster-recovery  phone  service  to 
thousands  of  high-level  employ¬ 
ees,  such  as  mutual-fund  man¬ 
agers,  by  rerouting  phone  num¬ 
bers  from  AT&T  to  on-site  PBXs, 
which  provide  dial-tone  service  if 
Centrex  services  are  interrupted. 

Ultimately,  Morgan  sees  IP  tele¬ 
phony  as  a  way  to  eliminate  costs 
in  terms  of  moves,  adds  and 
changes  —  occurrences  that  the 
company’s  Centrex  carrier  would 
charge  for. The  costs  will  be  elimi¬ 
nated  when  Cisco  CallManager  IP 
PBXs  are  tied  into  the  firm’s 
Active  Directory  and  Lightweight 
Directory  Access  Protocol  direc¬ 
tories.  The  ability  of  softphones 
and  IP  phones  to  reset  them¬ 
selves  when  moved  also  will  help 
ease  administration. 

Despite  its  perceived  cost  re¬ 
ductions,  selling  the  ROI  on  IP 
telephony  is  difficult  because 
there  is  no  specific  cost  advan¬ 
tage  to  physically  replacing  Cen¬ 
trex  with  an  IP  hardware  phone, 
Morgan  says. 

Proving  ROI  with  hard  numbers 
for  the  technology  can  get  fuzzy 
he  says.  And  implementation  mis¬ 
steps  can  be  expensive  setbacks, 
as  Fidelity  has  learned. 

When  Fidelity  installed  one  of 
its  first  IP  phone  pilots  to  about 
400  desks,  it  invested  in  new 
switches  that  provided  electric 
power  over  Ethernet  to  the 
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phones. 

“About  eight  months  later,” 
Morgan  said,  the  company  “took 
everyone  off  that  floor  and  scat¬ 
tered  them  around  the  building 
and  other  parts  of  Boston.  And 
now  that  [power-over-Ethernet] 
infrastructure  is  sitting  there,  and 
a  new  group  has  moved  in  using 
standard  Centrex. 

The  lesson  there,  he  said,  is 
“you  [can’t]  put  IP  phones  in 
one  place  and  upgrade  your 
power  in  just  one  place  . .  .you’ve 
got  to  look  at  upgrading  power 
supplies  everywhere.” 

Centrex  also  is  on  the  way  out 
at  the  University  of  Pennsylvania, 
where  voice  and  data  are  being 
converged  with  gear  used  nor¬ 
mally  for  carrier-grade  VoIP 

UPenn  leases  approximately 
28,000  Centrex  phone  lines  from 
Verizon,  with  the  contract  for  the 
service  ending  in  two  years. 
When  Centrex’s  time  is  up,  the 
school  plans  to  be  converged 
completely  with  IP  telephony 

The  core  of  the  school’s  VoIP 
network  will  be  two  softswitches 
from  BroadSoft,  a  maker  of  gear 
for  supporting  carrier  VoIP  ser¬ 
vices.  The  Session  Initiation  Pro¬ 
tocol  (SlP)-based  softswitches 
perform  call-processing  and  gate¬ 
way  functions,  and  run  on  two 
redundant  Sun  Solaris  boxes. 
UPenn  chose  the  carrier-grade 
gear  because  its  voice  needs  are 
equal  to  those  of  a  city  served  by 
a  regional  Bell  operating  com¬ 
pany  says  Mike  Paladino,  associ¬ 
ate  vice  president  of  networking 
at  the  university 

“One  of  the  strongest  drivers 
for  this  effort  is  that  we  will  have 
a  lot  more  control  over  the  fea¬ 
tures  we  have,”  with  the  IP 
softswitches,  compared  with  the 
Centrex  service,  he  says.  Centrex 
offers  a  minimal  number  of  fea¬ 
tures  that  are  hard  to  add  or 
change,  Paladino  says.  But  with  a 
converged,  SIP-based  network, 
the  IT  staff  can  offer  different  lev¬ 
els  of  features  and  applications 


to  different  groups. 

For  instance,  students  could 
receive  applications  that  integrate 
popular  programs  such  as  e-mail 
and  instant  messaging  with  SIP- 
based  voice.  Meanwhile,  more-tra¬ 
ditional  desktop  phone  services 
could  be  deployed  to  faculty  and 
staff  offices.  Requests  for  new  fea¬ 
tures,  such  as  conferencing  or 
new  dial  plans, also  would  be  eas¬ 
ier  to  provide  and  manage  with 
the  softswitches,  Paladino  adds. 

SIP  is  an  important  aspect  of 
UPfenn’s  plans  to  offer  expanded 
features  to  different  departments. 
Paladino  says  he  is  encouraged 
with  SIP’s  ability  to  let  different 
clients  from  multiple  vendors 
interoperate  —  such  as  IP  phones 
from  Cisco  or  Pingtel  talking  to 
software  clients, such  as  Microsoft 
Windows  Messenger. 

“We’re  interested  in  what  SIP 
has  to  offer  and  the  direction  SIP 
is  taking,”  Paladino  says.'Though 
it’s  too  early  to  tell  definitively, 
we’re  confident  this  is  where  the 
market  will  go.” 

As  UPenn  rolls  out  its  IP  tele¬ 
phony  project,  the  softswitches 
will  run  in  parallel  with  the 
Centrex  system,  and  all  the  pub¬ 
lic  switched  telephone  network 
(PSTN)  connectivity  will  go 
through  Verizon  trunks.  Paladino 
says  the  goal  is  to  hook  the 
softswitches  to  the  outside  world 
over  IP  trunks,  eliminating  most 
traditional  PSTN  connections 
into  the  university 

“I  like  the  idea  of  being  able  to 
buy  IP  services  from  different 
carriers,  and  then  put  voice  on 
top  of  that,”  Paladino  says.  He 
adds  that  SIP  also  will  be  a  key 
technology  because  the  ven¬ 
dors  that  are  preparing  for  con¬ 
verged  IP  services  —  such  as 
WorldCom  and  Verizon,  are  imp¬ 
lementing  SIP  infrastructures  for 
carrying  voice. 

Many  organizations  used  Cent¬ 
rex  because  their  telecom  staffs 
and/or  budgets  were  too  small  to 
handle  an  onsite  PBX.  But  with 


Centrex,  customers  sacrificed 
control  over  their  voice  features 
and  onsite  management  capabili¬ 
ties.  These  users  say  IP  PBXs  let 
them  have  more  control  over  their 
phone  networks  than  Centrex. 

Delaware  State  University  in 
Dover  installed  IP  PBX  technol¬ 
ogy  from  Siemens  and  shut  off 
its  Centrex  phone  service  earlier 
this  year.  The  move  reduced  the 
school’s  telecom  service  costs 
about  50%  by  cutting  its  Centrex 
lines  for  approximately  2,500 
faculty,  students  and  staff,  at  a 
cost  of  about  $13  to  $15  per 
month  per  line. 

The  campus  now  runs  a  mix  of 
IP  phones  in  its  dorms,  and  digi¬ 
tal  phones  to  its  staff  and  admin¬ 
istrative  offices  using  a  HiPath 
3000  IP  PBX  and  HiCom  digital 
phone  extension  gear  from  Sie¬ 
mens.  Besides  reducing  Centrex 
costs,  the  in-house  managed 
phone  system  lets  the  staff 
change  its  service  more  quickly 
than  previously,  according  to 
Charles  Fletcher,  assistant  pro¬ 
vost  for  technology  and  informa¬ 
tion  systems. 

“The  IP  phones  give  us  great 
flexibility’  Fletcher  says.  “For  any 
office  that  has  data  service,  we 
can  put  a  phone  in  there  without 
having  to  call  Verizon.  Those 
kinds  of  changes  can  be  done  in 
seconds.” 

On  the  West  Coast,  the  IT  staff  at 
El  Monte  (Calif.)  Union  High 
School  District  near  Los  Angeles 
decided  it  had  had  enough  with 
Pacific  Bell’s  Centrex  service. 

“We  were  dealing  with  a  lot  of 
problems  with  getting  our  carrier 
to  respond  in  a  timely  fashion,” 
says  Garett  McKay  director  of 
technology  for  the  city  of  El 
Monte.  Similar  to  Delaware  State’s 
situation,  moves  and  changes  to 
the  phone  system  involved  call¬ 
ing  the  carrier,  then  waiting  for  it 
to  move  phone  extensions  or  add 
and  delete  numbers. 

Last  year,  when  the  city  went 
online  with  a  Gigabit  Ethernet 
MAN  service  from  Pacific  Bell  — 
paid  for  by  the  federal  E-Rate  pro¬ 
gram  —  McKay  saw  an  oppor¬ 
tunity  to  get  the  entire  district  on  a 
unified  voice  and  data  network.  A 
Mitel  IP  PBX  now  processes  calls 
for  500  IP  phones  at  10  schools 
across  the  city  And  McKay’s  staff 
can  make  all  the  moves  they  want 
from  a  single  PC. 

“We  were  a  little  nervous  about 
taking  on  our  own  voice  man¬ 
agement  at  first,”  McKay  says, “but 
so  far, it’s  been  pretty  smooth.”* 
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Tightening  the  bolts  on  open  source 


T 


oday  I  assembled  a  second  typ¬ 
ing  chair  for  my  office.  Not  much 
of  a  column  opening,  I  grant 
you,  but  stick  with  me,  it  gets  better. 

On  the  underside  of  the  seat  was  a 
notice  that  gave  a  dire  warning 
about  serious  injury  if  the  chair  was  not  assembled 
correctly  and  said  I  should  “check  and  retighten  all 
bolts  and  parts  at  least  every  three  months.” 

Now  I  don’t  know  about  you,  but  1  have  never 
included  my  office  chairs  on  my  routine  mainte¬ 
nance  schedule. 

1  suppose  chair  maintenance  makes  sense  but 
only  if  one  is  concerned  that  an  untightened  chair 
could  be  a  risk  to  life  or  limb,  which  counts  me  out. 

1  imagine  there  are  people  who  routinely  check 
the  tightness  of  the  bolts  on  their  chairs  —  people 
who  gingerly  sit  down  and  tentatively  wiggle  their 
bottoms  to  test  if  the  chair  is  about  to  spontaneously 
disassemble.  I  am  not  one  of  those  people. 

Now  this  led  me  to  thinking  about  open  source 
software." Why?” you  might  wonder.  Ah,  because  the 
whole  problem  of  maintenance  and  management 
seems  to  be  a  central  issue  in  the  argument  over 
open  vs.  closed  source  software. 

With  closed  source  software,  we’ve  come  to  rely  on 
vendors  telling  us  about  upgrades  and  patches,  a 
service  we  like  because  we  feel  it  reduces  our  work¬ 


load.  We  let  the  antivirus  subsystems  autoupdate 
themselves,  and,  of  course,  we  let  Microsoft  tell  us 
what  updates  are  available  for  selected  Windows 
components.  But  beyond  that.it  is  all  a  bit,  well, slap¬ 
dash  in  the  closed  source  world. 

Let  me  digress  to  note  that  even  if  you  don’t  want 
Windows  Media  Player  to  be  updated  to  the  dread¬ 
ed  Version  9  through  the  Microsoft  Update  service, 
you  can’t  tell  it  not  to  offer  you  that  update  again. 

No,  Microsoft  knows  what  is  best  for  you  —  a  conse¬ 
quence  of  our  wanting  the  vendor  to  hold  our  hand. 

Anyway  people  who  don’t  believe  in  the  value  of 
open  source  point  out  that  open  source  providers 
have  no  interest  in  telling  you  about  fixes,  patches 
and  updates,  or  in  creating  fixes  and  patches  in  a 
timely  manner.  1  contend  the  flow  of  information 
about  open  source  problems  is  no  worse  than  in  the 
closed  source  world. 

I  know  many  of  you  have  had  serious  problems 
with  just  about  every  type  and  level  of  proprietary 
software  available.  Above  and  beyond  the  usual 
gripes,  the  real  problems  range  from  the  vendors  not 
admitting  to  problems  and  not  informing  users  of 
known  problems  to  being  way  too  slow  to  fix  the 
code  even  when  the  problem  is  admitted  to  and 
widely  circulated. 

What  I  hear  from  open  source  users  is,  well,  noth¬ 
ing  like  that.  It  seems  that  by  committing  to  open 


source, you  also  commit  to  a  greater  level  of  self- 
reliance.  What  it  comes  down  to  is  that,  if  you  are 
serious  about  your  IT  infrastructure  and  you  use 
open  source, you  have  to  know  more  about  the  soft¬ 
ware  and  must  be  willing  to  spend  on  training. 

However,  proprietary  software  has  a  few  advan¬ 
tages  —  the  documentation  might  be  more  read¬ 
able  (although  not  necessarily  more  thorough), you 
sometimes  can  get  solutions  running  with  less 
effort,  and  premium  support  and  service  might  be 
available. 

When  you  add  it  all  up,  the  costs  of  open  source 
and  proprietary  software  might  be  the  same,  just 
distributed  differently  It’s  just  another  example  of 
the  old  axiom  “There’s  no  such  thing  as  a  free 
lunch.” 

The  choice  between  open  source  and  proprietary 
software  is  a  trade-off  and  a  gamble. The  trade-off  is 
all  about  whether  you  get  better  value,  service  and 
support  from  commercial  closed  source  vendors  as 
compared  with  that  from  the  developers  and  the 
community  that  surround  open  source  projects. 

The  gamble  is  whether  you’ll  be  right  when  things 
go  wrong.  So,  which  are  you  betting  on? 

Now  excuse  me,  I  must  go  and  plan  my  chair  bolt¬ 
tightening  schedule.  Source  for  the  goose  to  backspin 
@gibbs.com. 
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Another  security  hole  worth  plugging 

There’s  no  pretty  way  to  tell  you  this:  Today's  topic 
is  your  fax  machine. 

Still  with  me?  . . .  Nice  to  know  you  have  faith  in  my 
judgment. 

Fax  machines  are  the  Rodney  Dangerf ield  of  office 
technology  for  good  reason:  Many  of  us  rarely  use 
them  any  more;  many  of  us  find  them  maddening 
when  we  do  use  them;  and  many  of  us  who  cover  IT  for  a  living  would  rather  write 
about  wastebaskets  than  fax. 

Nevertheless,  I  find  myself  drawn  to  the  story  being  told  by  a  start-up  called 
L.ink2it,  which  recently  began  shipping  an  appliance  that  promises  to  plug  one  of  the 
business  world's  most  pesky  security/privacy  holes:  yes,  the  fax. 

“The  most  obvious  security  hole  is  one  that  everybody  just  assumes  there  is  noth¬ 
ing  you  can  do  about,”  says  Larry  Heimendinger,  Link2it's  chairman.  “I  just  don't 
know  if  the  people  who  run  businesses  fully  understand  how  vulnerable  the  informa¬ 
tion  in  their  business  is  when  they  have  fax  machines  around.  Everybody  just  trusts 
in  the  good  graces  of  their  employees." 

He  illustrates  his  point  with  an  anecdote  about  a  bank  that  was  testing  his  compa¬ 
ny's  appliance  —  without  informing  bank  employees  —  and  discovered  that  a  previ¬ 
ously  trusted  manager  was  sending  and  receiving  faxes  on  a  regular  basis  that  to 
tne  untrained  eye  appeared  written  in  code.  The  bank  was  sufficiently  alarmed  to 
■  \  ofront  the  fellow,  who  immediately  copped  to  using  the  fax  machine  to  play  long¬ 
distance  chess.  He  told  his  interrogators:  “I  figured  you’d  catch  me  if  I  used  e-mail, 
thought  I  was  completely  safe  using  the  fax  machine." 

:  it  imagination  is  needed  to  envision  a  more  serious  breach,  especially  in  this 
....  :  ghtened  federal  regulation  of  privacy  and  security  practices. 


Link2it’s  appliance,  Fax2it  (size:  13.4  by  10.8  by  2.4  inches),  hangs  off  any  fax 
machine  and  is  attached  to  your  network.  It  takes  incoming  and  outgoing  faxes  and 
creates  e-mail  attachments  of  them  that  are  then  sent  to  dedicated  inboxes.  You 
need  one  appliance  per  machine,  and  at  about  a  grand  apiece  they  are  not  inexpen¬ 
sive  —  although  Heimendinger  argues  they’re  less  costly  than  buying  and  running 
fax  servers. 

Fax2it  won’t  stop  anyone  from  faxing  anything,  but  it  does  create  a  repository  of 
copies  that  will  be  easily  searchable  with  software  that  Link2it  has  coming  in  the 
fall,  Heimendinger  says.  It  also  will  disavow  employees  —  chess  players  and  the 
more  nefarious  alike  —  of  any  notion  that  the  fax  is  an  unmonitored  channel. 

A  number  of  issues  promise  to  create  rough  sledding  for  Link2it:  simple  inertia  on 
the  part  of  customers,  that  price  tag  and  the  fact  that  privacy  regulations  such  as 
HIPAA  do  not  explicitly  cover  fax. 

That  could  change  in  a  heartbeat,  though,  the  first  time  a  company  loses  a  lawsuit 
because  it  didn't  close  this  particular  barn  door. 

It's  still  chump  change  to  George  Steinbrenner 

Here's  a  classic  good  news,  more  good  news,  bad  news  story  for  those  of  us  who 
have  a  vested  interest  in  seeing  paid  online  content  become  something  more  than  a 
dream  for  publishers. 

According  to  Media  Metrix,  about  51  million  people  —  fully  one-third  of  all  Internet 
users  —  visited  a  sports-related  site  in  January.  Outstanding  news  if  you  run 
ESPN.com  or  the  like. 

The  second  bit  of  good  news  for  content  providers  is  that  those  visitors  shelled  out 
300%  more  last  year  to  access  such  sites  than  they  did  in  2001. 

Now  the  bad  news: Total  spending  on  sports  site  content  in  2002  was  a  pathetic 
$30.3  million,  or  roughly  one-fifth  of  the  New  York  Yankees  payroll. 

Care  to  comment ?  E-mail  is  preferable  to  fax.  The  address  is  buzz@nww.com. 


Introducing  the  NetVanta  3000  Series  from  ADTRAN . 


■  Cost-effective  access 
routing  for  branch  office 
connectivity  and 
Internet  access 


This  powerful  new  access  router  from  ADTRAN  is  everything  you 
need  in  a  router,  and  then  some,  at  a  cost  that’s  up  to  55  percent 
less  than  other  brand  name  routers.  This  high-quality,  low-cost 


■  Recognizable  Command 
Line  Interface  (CLI) 

■  No  retraining  or 
costly  certification 

■  Built-in  stateful 
inspection  firewall 

■  Interoperable  with  other 
standards-based  routers 


alternative  features  a  stateful  inspection  firewall,  a  DSU/CSU,  and  a 
familiar  CLI.  Comprehensive  dial  backup  and  PBX  connectivity  are 
available  at  a  minimal  cost.  Interoperable  with  other  standards-based 
routers,  the  NetVanta  3000  Series  fits  seamlessly  into  your  existing 
network.  Backed  by  unlimited  telephone  support  and  a  5 -year 
warranty,  the  NetVanta  3000  Series  is  clearly  the  intelligent  choice. 


New  vendor  to  routing?  No  way!  ADTRAN  has  incorporated  its 
router  technology  into  selected  WAN  connectivity  products  for  the 


■  Optional  PBX  connectivity 


past  five  years;  with  more  than  75,000  now  installed  in  networks 


■  Optional  dial 
backup  system 

■  Built-in  DSU/CSU  for 
WAN  termination 

■  Free  24x7  telephone 
technical  support 

■  Optional  extended 
installation  and 
maintenance  program 


around  the  world.  The  NetVanta  3000  Series  is  the  latest  in  a  long 
line  of  market-leading  internetworking  and  connectivity  solutions, 
from  a  company  with  a  17-year  history  of  customer  satisfaction. 

Dare  to  compare  the  new  NetVanta  3000  Series! 

www.  ad  t  ran.  com/in  fo/n  etva  n  ta3000 

877.212.0327  Technical  Questions 
877.280.8416  Where  to  Buy 
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MAGIC  GENIE  LAMP 

Can  grant  three  wishes.  At  your  command. 

Operates  on  oil,  hand  rubbing  and  suspended  disbelief. 
Brass-based.  Mysterious  and  powerful. 

Legendary  tall  tale,  completely  100%  imaginary.  Genie-driven. 
Magic  Genie  Lamp  is  not  presently 
available  in  stores,  now  or  ever. 


THE  NEW  IBM  (©server  iSeries- 

Can  grant  on/off  added  capacity.’  On  demand. 
Operates  easily  with  Windowsf  Linux®  and  OS/400? 
Copper-based.  Simple  and  powerful. 

Easy  to  use,  with  self-healing,  self-managing  capabilities. 
For  more  on  iSeries  and  the  on  demand  era, 
visit  ibm.com/eserver/genie 
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